"Virtual" shell, ie. jailing an user inside a process after the (SSH) login

Following the updated information, you should have them do private/public key pairs and inside the .ssh/authorized_keys file set it to only run script.php file. You shouldn't rely on the .bashrc for protection, especially since that is needed to initialize the environment.

You can change shell for the user in question to whatever you like in the last field on the appropriate line in /etc/passwd, e.g.:

specialuser:x:12345:123::/home/specialuser:/usr/bin/restricted_script.php

if you include appropriate hash-bang (e.g. #!/usr/bin/php on the first line of the script) it should work right away. For security reasons I would recommend not to put the script into a directory writeable by the user.