On Tue, 2009-10-20 at 23:41 +0200, Kim Madsen wrote: > Gary wrote on 2009-10-20 22:55: > > I like that idea,so in other words they have to get to the form from another > > page on the site, and you set a time limit for a minimum amount of time they > > spend on the page(5-10 seconds)? > > I don't set any time, just the session to prevent direct hits from a > spam script. But if you wanna improve the solution using a time check > you could save a microtime() value in the session and the test it > against current time on the form page and the have a min. threshold that > is accepted. > > -- > Kind regards > Kim Emax - masterminds.dk > Almost all of the suggestions so far have been to prevent bots, which is great, but the op has mentioned a few times that it's human spammers that are the problem. Have you considered using some sort of language analysis algorithm on the text to determine if it is spam or not, in a way similar to email spam detection. Do a search for 'php spam filters' and there are quite a few different possible options. Thanks, Ash http://www.ashleysheridan.co.uk