How to do a non-cached 301 redirect?

301 is a permanent redirect, so caching makes sense. If your redirect isn't permanent, use 307 (temporary redirect), 302 (found) or 303 (see other).

See here for the appropriate use cases.

To elaborate on the differences between these three:

• 307 is the generic, temporary redirect for when a resource is moved. For example, a URL like domain.com/news/latest might do a 307 redirect to the latest news article, domain.com/news/article-594873. Since this temporary redirection may persist for a while (that particular article may be the latest for several hours), browsers might cache the redirect. To control the degree to which they do, use cache control headers.
• 303 is the redirect that must not be cached, ever. For example, POSTing a new article to domain.com/news might create a new news article, and a 303 redirect to it is provided to domain.com/news/article-978523. Since another POST request results in a completely different, new article being created, it cannot be cached.
• 302 is a bit stranger, I've never used it myself. Apparently it's more of a legacy substitute for the 303, for earlier HTTP 1.0 version clients who do not understand the 303.

Since you asked specifically about PHP:

<?php
function header_redirect_permanent($url)
    {
    header($_SERVER['SERVER_PROTOCOL'] . ' 301 Moved Permanently', true, 301);
    header('Location: ' . $url);
    }

function header_no_cache()
    {
    header('Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0');
    header('Expires: Sat, 26 Jul 1997 05:00:00 GMT'); // past date to encourage expiring immediately
    }

You can stop agents from caching a 301 as well, if you must, using the above cache control headers like this:

header_no_cache();
header_redirect_permanent($url);

or simply add

header('Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0');
header('Expires: Sat, 26 Jul 1997 05:00:00 GMT');
header('Location:'.$url, true, 301);
exit;