Some of my clients have been receiving spam emails via their online contact forms i.e strange code been injected into fields and then email sent every 5mins to same email account. I was going to implement a CAPTCHA form, but wondered whether I could achieve the same outcome by generating a random number using asp code every time the page loads and display this number in the form. The user would then type the number in a textfield and submit. On submit I would pass the random number in a hidden fields and evaluate on the receiving page – then handle accordingly i.e. redirect back to form if not matched or send email if matched.
I would prefer this option as I would have more control over the look and style of the random number etc.
Would this work or can anyone see any issues with this?