What are best practices for implementing spam protection in PHP forms using captcha or similar techniques?

Spam protection in PHP forms can be implemented using captcha or similar techniques to prevent automated bots from submitting spam entries. One effective way to do this is by integrating Google reCAPTCHA into the form, which requires users to verify they are not a robot before submitting the form.

<?php
// Include the reCAPTCHA library
require_once('recaptchalib.php');

// Your site key and secret key from Google reCAPTCHA
$siteKey = 'your_site_key';
$secret = 'your_secret_key';

// Verify the reCAPTCHA response
$recaptcha = new ReCaptcha($secret);
$resp = $recaptcha->verify($_POST['g-recaptcha-response'], $_SERVER['REMOTE_ADDR']);

if ($resp->isSuccess()) {
    // Process the form submission
    // Your form processing code here
} else {
    // Display an error message if reCAPTCHA verification fails
    echo 'Please verify that you are not a robot.';
}
?>