Is this captcha easy to hack?

I have a captcha that has 4 digits, they can be numbers or letters.
The background is made by random lines that change for every request.
The address of the captcha image is like: index.php?load=captcha.

I get lots of spam despite having this captcha.
Do the spammers use scripts to discard the background? Or i'm i making something wrong?

I think captchas are quite useless and i'm starting to think its better to put approval requirement instead of captcha.

 

How do you check if the user entered the right digits?

 

I use PHP $_SESSION...every request stores the answer in session, then it just check if it matches...

 

How are you passing the session ID? If you are like most websites, the sessions are stored in cookies (as opposed to being passed via the URL).

Probably the spammers are just reading your cookies for the answer.

 

Hmm...what session id has to do with session contents?
Aren't session' contents stored in server?

 

Use ReCAPTCHA.

And yes, simple captcha is easily broken by spamming tools.

 

recaptcha? i can type invalid words in recaptcha and it stills says its correct, bleh...
I do it all the time in this forum...

 

I guess, that 's why Google paid big $$ to buy it. Because it 's worthless, huh?

 

Recaptcha Its not a true captcha, its main goal is to scan books...preventing spam is the least of their concerns...

Anyways, is there any place where i can test my captchas? like a crazy spammer club?

 

Your own site. Since you are already getting lots of spam, simply test a few captcha services and see what makes the difference.

 

That was a while ago, i no longer have that site that got spammed...
Funny enough, nobody would say one day i would need spammers