Forum Moderators: coopster


Security Code Confirmation for a Form

         

smartcard

6:24 pm on May 11, 2005 (gmt 0)

10+ Year Member



I have a PHP script for a link indexing directory. Submitting URLs to the directory is open to the public, and it is just a form where the user needs to add the URL, Site Name, and Description. I can see that some ROBOs are spamming my submit form with many submissions in irrelevant categories.

How can I implement a "Security Code Confirmation" field with an image combination, meaning only a human can see the random image that shows numbers and enter them in that field, so the system will compare it and accept it?

pete_m

7:18 pm on May 11, 2005 (gmt 0)

10+ Year Member



What you're looking for is a CAPTCHA ("Completely Automated Public Turing test to tell Computers and Humans Apart").

If you do a search on Google for "php captcha" you'll find plenty of tutorials and free code to plug into your site.

Edit: You can also find out more at the Wikipedia article: [en.wikipedia.org]

smartcard

7:21 pm on May 11, 2005 (gmt 0)

10+ Year Member



Okay, the good news is that I found a free script called 'anti-flood'. It does exactly the job I want. Since I am not good at coding, can some of you help me to incorporate this code with my form?

This is my form:


<?

ini_set("session.use_trans_sid",0);
error_reporting(E_ALL & ~E_NOTICE);

session_start();
session_register("secret_number");

require "config.php";
require "lang/".$LANGFILE;

function mt() {
list($usec, $sec) = explode(' ', microtime());
return (float) $sec + ((float) $usec * 100000);
}

if (isset($bad)) {
$brokenlink=intval($bad);
mysql_query("UPDATE ".$db["prefix"]."main SET broken=broken+1 WHERE lid='$brokenlink';") or die(mysql_error());
print ("<HTML><HEAD>\n");
print ("<META HTTP-EQUIV=refresh CONTENT='0;url=javascript:window.close()'>\n");
print ("</HEAD></HTML>\n");
exit;
}

if ($HTTP_POST_VARS["do"]=="add") {

$ttitle=mhtml(substr($HTTP_POST_VARS["ttitle"],0,256));

$url=$HTTP_POST_VARS["url"];
if (substr($url,0,7)!="http://") $url="http://".$url;
$url=mhtml(substr($url,0,256));

$email=mhtml(substr($HTTP_POST_VARS["email"],0,256));
$description=mhtml(substr($HTTP_POST_VARS["description"],0,2048));
$resfield1=mhtml(substr($HTTP_POST_VARS["resfield1"],0,2048));
$resfield2=mhtml(substr($HTTP_POST_VARS["resfield2"],0,2048));
$resfield3=mhtml(substr($HTTP_POST_VARS["resfield3"],0,2048));
$c1=intval($HTTP_POST_VARS["c1"]);

$error="";

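if ($cat["robotsdeny"]=="on") {
// Also reject when no code has been issued for this session; otherwise an empty field matches an unset or reset (0) value
if (intval($HTTP_SESSION_VARS["secret_number"])<1000 || $HTTP_POST_VARS["secretcode"]!=$HTTP_SESSION_VARS["secret_number"]) $error.="<LI>".$LANG["secretcodeerror"];
}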

if ($c1==0) $error.="<LI>".$LANG["mustbecat"];
if (empty($email)) $error.="<LI>".$LANG["mustbeemail"];
if (empty($url)) $error.="<LI>".$LANG["mustbeurl"];
if (empty($ttitle)) $error.="<LI>".$LANG["mustbetitle"];
if (empty($description)) $error.="<LI>".$LANG["mustbedescription"];

if (empty($error)) {
if ($cat["mailifnewlink"]=="yes") {
mail($cat["mailifnewlinkto"],$cat["mailifnewlinksubject"],"TITLE: $ttitle\nURL: $url\n");
}
mysql_query("INSERT INTO ".$db["prefix"]."main SET insert_date=NOW(), title='$ttitle', description='$description', url='$url', cat1='$c1', gin=0, gout=0, moder_vote=0, email='$email', type=0, resfield1='$resfield1', resfield2='$resfield2', resfield3='$resfield3';") or die(mysql_error());
$r=mysql_query("SELECT max(lid) FROM ".$db["prefix"]."main WHERE url='$url'") or die(mysql_error());
$cid=@mysql_result($r,0,0);

if ($cat["robotsdeny"]=="on") {
$HTTP_SESSION_VARS["secret_number"]=0;
}

print ("<HTML><HEAD>\n");
print ("<META HTTP-EQUIV=refresh CONTENT='0;url=thx.php?id=$cid'>\n");
print ("</HEAD></HTML>\n");
exit;
}
}

if ($cat["robotsdeny"]=="on") {
if (intval($HTTP_SESSION_VARS["secret_number"])<1000) {
srand(mt());
$HTTP_SESSION_VARS["secret_number"]=rand(1000,9999);
}
}

$title=$LANG["addlink"];
include "_top.php";
$template=$TMPL["bmenu"];
$template=str_replace("%MODERATORSTEXT",$LANG["moderators"],$template);
$template=str_replace("%ADDLINKTEXT",$LANG["addlink"],$template);
$template=str_replace("%MAINTEXT",$LANG["main"],$template);
print $template;
print "<br>";

if (!empty($error)) {
print "<P><B>".$LANG["errorsfound"]."</B>\n";
print "<font color=red><UL>\n".$error."\n</UL></font>\n";
}
?>
</center>
<p align="center"><font color="#FF0000" face="Verdana">We only index <b>Food
</b> related sites<br>
<font size="2">Please don't submit any other sites here!</font></font></p><table width=100% class=tbl0 cellspacing=1 cellpadding=0>
<tr><td class=tbl1>
<img src=/cat/none.gif width=1 height=6><br>
<center><table border=0>
<form action=add.php method=post>
<input type=hidden name='do' value='add'>
<tr><td valign=top>
<?=$LANG["category"];?>:
</td><td>
<select style='width:320px;' name=c1>
<option value=0><?=$LANG["notselected"];?>
<?
$r=mysql_query("SELECT cid,name FROM ".$db["prefix"]."cat_linear ORDER by name;") or die(mysql_error());
while ($row = mysql_fetch_array($r)) {
if ($row["cid"]==$c1) $sel="selected"; else $sel="";
echo "<OPTION $sel value='".$row["cid"]."'>".$row["name"]."\n";
}
?>
</select>
</td></tr>

<tr><td valign=top>
<?=$LANG["sitetitle"];?>:&nbsp;&nbsp;
</td><td>
<input style='width:320px;' type=text name=ttitle value='<?=$ttitle;?>'>
</td></tr>

<tr><td valign=top>
<?=$LANG["siteurl"];?>:
</td><td>
<input style='width:320px;' type=text name=url value='<?=$url;?>'>
</td></tr>

<tr><td valign=top>
<?=$LANG["email"];?>:
</td><td>
<input style='width:320px;' type=text name=email value='<?=$email;?>'>
</td></tr>

<?if (!empty($cat["resfield1"])) {?>
<tr><td valign=top>
<?=$cat["resfield1"];?>:
</td><td>
<input style='width:320px;' type=text name=resfield1 value='<?=$resfield1;?>'>
</td></tr>
<?}?>

<?if (!empty($cat["resfield2"])) {?>
<tr><td valign=top>
<?=$cat["resfield2"];?>:
</td><td>
<input style='width:320px;' type=text name=resfield2 value='<?=$resfield2;?>'>
</td></tr>
<?}?>

<?if (!empty($cat["resfield3"])) {?>
<tr><td valign=top>
<?=$cat["resfield3"];?>:
</td><td>
<input style='width:320px;' type=text name=resfield3 value='<?=$resfield3;?>'>
</td></tr>
<?}?>

<tr><td valign=top colspan=2>
<?=$LANG["sitedescription"];?>:<br>

<textarea style='width:100%;' name=description rows=6><?=$description;?></textarea>
</td></tr>

<?
if ($cat["robotsdeny"]=="on") {
print "<tr><td valign=top colspan=2>\n";
print "<br><table width='100%' cellspacing=0 cellpadding=0 border=0>";
print "<tr><td colspan=2>".$LANG["secretcode"]."</td></tr>";
print "<tr><td><img src='code.php?".mt()."' width=101 height=26 vspace=5></td><td align='right'><input style='width:320px;' type=text name=secretcode value='".$secretcode."'></td></tr></table>\n";
print "</td></tr>\n";
print "<tr><td colspan=2><br></td></tr>";
}
?>

<tr><td colspan=2 align=right>
<input type=submit value='<?=$LANG["submit"];?>' class=small>
</td></tr>

</table>

</td></form></tr></table>
<br>
<?
$template=$TMPL["bmenu"];
$template=str_replace("%MODERATORSTEXT",$LANG["moderators"],$template);
$template=str_replace("%ADDLINKTEXT",$LANG["addlink"],$template);
$template=str_replace("%MAINTEXT",$LANG["main"],$template);
print $template;

include "_bottom.php";?>

This is the sample form with security verification:


<form method="POST" action="process.php" enctype="multipart/form-data">
<table cellpadding="3" cellspacing="1" >
<TR><TD><img src="image.php"></TD></TR>
<TR><TD><input type="text" name="code"></TD></TR>
<TR><TD><input type="submit" value="Enter" ></TD></TR>
</table></form>

This is the process.php that processes the sample form and verifies that the images are correct. If correct, it shows a message SUCCESSFULLY; in my case it should add the URL to the directory.


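<?php
session_start();

// Reject when no code was issued for this session or no code was posted;
// otherwise a missing field would compare equal to an unset session value.
if(!isset($_SESSION['string']) || !isset($_POST['code']) || $_POST['code']!==$_SESSION['string']){
echo "SECURITY CODE ERROR... ";
}else{
echo "SUCCESSFULLY!";
}

?>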

This is the image.php script that does the random image creation:


<?php
/***************************************************************************
*
* Filename : image.php
* Began : 2005/04/04
* Modified :
* Copyright : (c) 2005 xkare.com
* Version : 1.0
* Written by : Mert ÖĞÜT in istanbul / TURKEY
*
* You are encouraged to redistribute and / or modify this program under the terms of
* the GNU General Public License as published by the Free Software Foundation
* (www.fsf.org); any version as from version 2 of the License.
*
***************************************************************************/
session_start();
function strrand($length)
{
$str = "";

while(strlen($str)<$length){
$random=rand(48,122);
if( ($random>47 && $random<58) ){
$str.=chr($random);
}

}

return $str;
}

$text = $_SESSION['string']=strrand(5);
$img_number = imagecreate(47,17);
$backcolor = imagecolorallocate($img_number,244,244,244);
$textcolor = imagecolorallocate($img_number,0,0,0);

imagefill($img_number,0,0,$backcolor);

// Built-in GD fonts are numbered 1 to 5
imagestring($img_number,5,1,1,$text,$textcolor);

// The output function must match the declared content type
header("Content-type: image/png");
imagepng($img_number);
?>
?>

mcibor

8:33 pm on May 11, 2005 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member



Put the 2nd quote where you want the code to be displayed. The 3rd quote is in the validation file (where you are validating whether the user entered correct pass/values), and the 4th quote is another file (there should be only one ?> at the end).

And remember! Never do such stupidity as pasting all your code here, nobody will bother to read it.

Hope this helps
Michal Cibor

PS I didn't bother to read your code, just the other quotes.
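
An added example, not part of any post in this thread and not the anti-flood script's own code: the session-code check that belongs in the validation file, written so that a request with no issued code, a non-string field, or a reused code is rejected. The function names `captcha_issue` and `captcha_check` are hypothetical; the session key `string` and the form field `code` are the ones used in the sample above.

```php
<?php
// Added example, not code from the thread. The session is passed in as an
// array reference so the same functions work with $_SESSION on the site and
// with constructed data on the command line.

// For image.php: store a fresh 5-digit code in the session and return it.
function captcha_issue(array &$session): string
{
    $code = '';
    for ($i = 0; $i < 5; $i++) {
        $code .= (string) random_int(0, 9); // CSPRNG rather than rand()
    }
    $session['string'] = $code;
    return $code;
}

// For the form handler: call once per POST, before touching the database.
function captcha_check(array $post, array &$session): bool
{
    $expected = $session['string'] ?? '';
    $given    = $post['code'] ?? '';
    unset($session['string']); // single use: a failed or passed code is gone

    // No code issued, or a non-string field such as code[]=..., is a failure.
    if (!is_string($expected) || $expected === '' || !is_string($given)) {
        return false;
    }
    return hash_equals($expected, $given); // timing-safe string comparison
}

// Constructed walk-through of the cases a spam robot produces.
$session = [];
$cases = [];
$cases['POST without ever loading the image'] = captcha_check(['code' => ''], $session);
captcha_issue($session);
$cases['wrong guess'] = captcha_check(['code' => 'abcde'], $session);
$cases['second guess against the same code'] = captcha_check(['code' => '12345'], $session);
$code = captcha_issue($session);
$cases['correct code'] = captcha_check(['code' => $code], $session);
$cases['replay of the accepted code'] = captcha_check(['code' => $code], $session);

foreach ($cases as $label => $accepted) {
    echo str_pad($label, 38), $accepted ? 'accepted' : 'rejected', "\n";
}
```

On the site, the form handler would call `captcha_check($_POST, $_SESSION)` after `session_start()` and append to its error list when the result is false, and the image script would draw the string returned by `captcha_issue($_SESSION)`.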