This article about php form security:
http://nedbatchelder.com/text/stopbots.html
... mentions a "spinner" as:
The spinner is a hidden field used for a few things: it hashes together a number of values that prevent tampering and replays, and is used to obscure field names. The spinner is an MD5 hash of:
* The timestamp, * The client's IP address, * The entry id of the blog entry being commented on, and * A secret.
The field names on the form are all randomized. They are hashes of the real field name, the spinner, and a secret. The spinner gets a fixed field name, but all other fields on the form, including the submission buttons, use hashed field names.
Does anyone have a code sample of how to implement this on a php page containing a form and the associated php form submission script?
I don't want to use AJAX, just PHP.