The easiest way to make sure that all users got the most recent version of your pages, whether they being static HTML, or dynamically managed with a CMS, is to simply tell browsers not to cache your pages. This is fine in most circumstances, but if you care about your site performance, then you may want to consider caching.
Even when you supposedly got everything setup correctly, there may be circumstances where the browser doesn't send a conditional request to re-validate the HTTP If-modified-since as you'd expect.
The Expires Header
You don't really need the Expires Header when you are sending the HTTP If-modified-since header, but sometimes you apparently do for some reason. Setting the Expires header to either somewhere in the past or -1 will force re-validation with If-modified-since, and this is consistent across browsers.
Setting the expires header in PHP can be done like below:
So all the headers that you need to send, would likely be as follows:
header("Last-Modified: ".gmdate("D, d M Y H:i:s", $time)." GMT"); header("Etag: $etag"); header("Expires: -1");
Where the Etag header is used to check if the script it self was updated, by checking the file-size for example.