There are lot’s of ways you could do it, but I think a good way to go from a security/usability standpoint is to set up a subdir, or subdomain, for this purpose and use a filemanager or uploader type script to allow your client to upload files to your account space.
For a filemanager, I use, and recommend, ffileman, which allows you to install it in a single directory, with it’s own username/password, and lets you restrict how far up the directory tree the user can travel.
For an uploader, it’s hard to beat uber-uploader. It does not use any password functions but it also does not allow browsing around the directory at all, only uploading. You could always install that in a directory that is password protected using apache authentication (.htaccess), which you can easily implement via the DH control panel.
With either of these approaches, there are certain advantages over ftp and/or pure PHP driven filemanagers/uploaders.
Does not require the creation of a new machine user for your account or require you to share your credentials.
Simplifies subsequent use of uploaded files by your machine user, as all the files are owned by you. (thanks, suEXEC!).
Upload file size is not limited by PHP installation settings.
You user needs nothing but a browser to send you the files.