Leaderboard

Sounds like you're talking about doing this in Javascript? If you're implementing your own bot check then it can't be in Javascript because the bots can just ignore that. It has to be in PHP. Doing that means you need to "remember" $entry from before. If you put that as a hidden input in the form then guess what the bots will do. There's a really simple way to solve this, though. Don't remember $entry but a hash of it, then check the hashes. $hash = sha1(__FILE__ . $entry); <input type="hidden" name="hash" value="<?= $hash ?>"> Then your PHP does the hash the same way but using the number the user put in the form, and it checks that the result matches the hash from the form. Bots can't figure out what value generated the hash, which also means they can't successfully substitute their own hash value. But know that bots are capable of solving math problems like this...