[wfn]

  if ($sectrip != "") {
    $salt = "LOLLOLOLOLOLOLOLOLOLOLOLOLOLOLOL"; #this is ONLY used if the host doesn't have openssl
                                                #I don't know a better way to get random data

[arb99]

a few lines down:

  system("openssl rand 448 > '".SALTFILE."'",$err);
                if ($err === 0) {
                    chmod(SALTFILE,0400);
                    $salt = file_get_contents(SALTFILE);
                }

[slipstream-]

I saw that. "LOLLOLOLOLOLOLOLOLOLOLOLOLOLOLOL" was my reaction, too.