A while back, I started looking into Digest Authentication as a method of authenticating users of a website without sending passwords about in plain text. I'm not really sure why, but I find the entire thing quite fascinating (to the point that my reading material on one particular train journey was RFC 2617 - HTTP Authentication). Yes I am aware of how sad a reflection this is on my life ☺.
Finding a PHP implementation of it was kinda tricky and I wanted to write my own anyway, so that is exactly what I did.
After a while of fruitlessly trying to get MD5 checksums to match those being sent by the browser, I finally realised that it was all defined nicely in the aforementioned RFC and that I just hadn't noticed it.... Figuring out how to do Auth-int in PHP was also "fun".
Anyway, the current version of my implementation is now available to anyone who is interested. There are various issues with it that are all documented in the comments at the top along with the usage instructions and other such information.