"While exploring a rather large PHP codebase at my new job," Anthony C writes, "I kept coming across a rather curious pattern from the previous developers:

src="content.php?NoCache=<?php $random = make_random_code(); echo("$random"); ?>"

"Clearly, it was just being used to prevent 'content.php' (or whatever page) from being cached, so I never bothered looking into it any further. Eventually though, curiousity got the better of me, and I just had t take a look...

<?php
   // Function to generate a random code
   function make_random_code() {
      // Salt value
      $salt = "abcdefghijklmnopqrstuvwxyz0123456789";
      // Use the time to create a random value
      srand((double)microtime()*1000000);
      // Set i = 0
      $i = 0;
      
      // Do while i <= 7
      while ($i <= 7) {
         // Generate a random number
         $num = rand() % 33;
         // Create a tmp value
         $tmp = substr($salt, $num, 1);
         // Create the random code
         $random_code = $random_code . $tmp;
         // Increment i by 1
         $i++;
      }
      // Return the random code
      return $random_code;
   }
   
   // Call the function to generate a random code
   $random = make_random_code();
?>

"I wasn't quite sure what to think. Why is '$salt' named that way... at a stretch, I could understand 'seed'; but 'salt'? Why seed ('salt'?) the randomizer with (double)microtime()*1000000, when microtime() already returns a string that looks like '0.53138500 1203062920'? Why srand - which is basically deprecated as of PHP4, and accepts an int as an argument, not a double. And why, oh why use a loop?

"I decided against any further exploration or even trying to figure out why my predecessors chose such an elaborate routine to generate a random string to prevent a browser from cacheing. I just quitely replaced it with content.php?rnd=<?php echo time(); ?>.