Rather pain or rather spam?

[Bagi Zoltán]

Hey guys,
I am pretty sure that some of you i hope many of you will have some suggestion for me about my concern.

I have just redesigned a contact page and wanted to make it as painless as it is possible. The captcha can not be avoided but, the background of the input changes and a short feedback text appears if the typed code and the security code are identical.

This is the inline javascript which is executed at onkeyup event

Code:

function count(){
var desc = document.getElementById("seccode_id").value;
var code = "<?php echo $_SESSION['secword'];?>";
if (desc==code)
{document.getElementById("seccode_id").style.backgroundColor="#E2FFB1";
document.getElementById("ok").style.visibility="visible";}
}

I stressed my concer with bold style. The value of the captca is printed into the html code directly. If i placed the javascript into external js file it couldn't parse the php secword session variable, so it must stay in the code.
What do you think, will the spamming robots pick the perfect answer from the html code and inject it into the input form?
Thank you in advance!

[KingPin]

Google can read HTML forms now, but only to a certain extent.

The Del.icio.us captcha has been cracked, also the phpbb one.

I think it's only a matter of time before all captchas are cracked but I would go for something as secure as you could possibly make it.

KP

[OldWelshGuy]

The questions are the best IMO. eg. what is a young cat called? What colour is a banana?