Determining Entropy in PHP

I am using the following code in my code to send a password reset token to a user.

$token = md5($user_id . time());

Why this is considered as a bad approach being cited as it has a weak entropy? The above code would generate a scary-looking 32 bit token that an attacker cannot decipher at all.

Suppose md5 reverse engineering is not possible (Although it is).

My question is why this is a bad approach? How do I say it has a weak entropy? Is there a way I can calculate its entropy?