Too complicated and not necessarily random enough. Use sources that are made for that purpose:
mcrypt_create_iv($salt_len, MCRYPT_DEV_URANDOM)
or
openssl_random_pseudo_bytes($salt_len)
or
$buffer = '';
$f = fopen('/dev/urandom', 'r');
$read = strlen($buffer);
while ($read < $salt_len) {
$buffer .= fread($f, $salt_len - $read);
$read = strlen($buffer);
}
fclose($f);
Preferably all used as several layers of fallback, as shown in https://github.com/ircmaxell/password_compat/blob/master/lib/password.php#L84