I use to have owned php scripts on a dedicated server by user "webroot".
It would be easier for coding and administration if the scripts were owned by the apache2 user, "www-data" on my system. Also feels more simple and clean.
There is no ftp on this box and there are no other users or sites.
Why not have the php scripts owned by www-data? If there is anything against it, what is the worst that can happen?
I strongly not recommend using apache user as the owner of the files for security reasons. If one of your apache php scripts is compromised it will be able to write on any file owned by apache.
You should use the ownership to apache user strictly for files that you need to be changed by php.
Sounds like you use Ubuntu (like flavor as they use the www-data user)
I would recommend always to let the apache user and group (set in httpd.conf or apache.conf) be the owner of your website files.
I prefer using apache:apache though
The danger is that a script or the web server could be compromised, allowing an attacker to write PHP files to your server. How realistic that threat is depends on things like if your scripts allow the uploading of files (and how well they check their file types) and what software is running. Security isn't a yes/no either/or proposition -- one typically looks for opportunities to make a server more secure in many different places. Unfortunately it is almost always the case that security is at odds with convenience.
The argument against having the same user own the files and run the httpd process would be that if your apache instance was compromised, the attacker could modify the files in your docroot.
Like usual, security and ease-of-use are at odds, so you'll have to make the call depending on your environment.
This article on apache and file ownership/permissions is a bit old, but the same principles still apply
http://onlamp.com/pub/a/apache/2004/05/28/apacheckbk.html