It struck me as odd that you would want to change apache htpasswds with a cron job. That would imply that you are auto-generating them somehow. That being the case, I think Kerckhoff's principle would apply. I.e., "the enemy knows the system." In practice periodically changing passwords sounds like a pretty good way to improve security somewhat in that you wouldn't have old passwords sticking around. On the other hand, if they are generated predictably, that kind of doesn't help.
If you want to use PHP to make an htpasswd change, I would suggest using [man]exec[/man] and formulating an htpasswd command with the -b flag which would let you specify a) the location of the password file you want to store it in, b) the username for which you are changing the password, and c) the password itself. I wonder, though, if there will be a shell history somewhere (like one's .bash_history file) that would store all these passwords on disk somewhere?
It's also worth noting that the htpasswd command accepts flags (-m, -d, -s) that let you specify the type of hash/encryption to be used. I would imagine that if you were to use PHP, you would just have to make sure the encryption/hash method you use would have to match what apache expects. However, you might need to also reboot apache? I'm not at all sure about that.
