Spammad gästbok, trots captcha

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><!-- InstanceBegin template="/Templates/template.dwt.php" codeOutsideHTMLIsLocked="false" -->
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<link rel="stylesheet" href="stylesheets/reset.css" type="text/css" />
<link rel="stylesheet" href="stylesheets/layout.css" type="text/css" />
<link rel="stylesheet" href="stylesheets/typography.css" type="text/css" />
<link rel="stylesheet" href="stylesheets/menu.css" type="text/css" />
<!-- InstanceBeginEditable name="doctitle" -->
<script type= "text/javascript">
var RecaptchaOptions = {
	theme : 'white',
	custom_translations : {
		visual_challenge : "Visa en bild istället",
		audio_challenge : "Spela upp ett ljud istället",
		refresh_btn : "Få en ny utmaning",
		instructions_visual : "Skriv de två orden:",
		instructions_audio : "Skriv vad du hör:",
		help_btn : "Hjälp",
		play_again : "Spela ljudet igen",
		cant_hear_this : "Ladda ner ljudet som MP3",
		incorrect_try_again : "Fel, försök igen."
	}
};
</script>
<title>Kung Bore Underhållning | Gästbok</title>
<!-- InstanceEndEditable -->
<!-- InstanceBeginEditable name="head" -->
<!-- InstanceEndEditable -->
</head>
<body>
<?php include 'includes/top.php'; ?>
	<!-- InstanceBeginEditable name="Content" -->
    <h1>Gästbok</h1>
    
    <p>Lämna gärna ett meddelande i gästboken genom att fylla i de tre rutorna.</p>
    <div id="post">
        <form id="form1" method="post" action="gastbok_skicka.php">
        <fieldset>
        <h3>1. Namn:</h3>
        <input name="name" type="text" id="name" size="30" />
        <h3>2. Kommentar:</h3>
        <textarea name="comment" cols="40" rows="3" id="comment"></textarea><br />
        <h3>3. Spamskydd</h3>
		<?php
			require_once('phpfunctions/recaptchalib.php');
			$publickey = "XXXXXXXXXXXXXXXXXXXXXXXXXXX"; // you got this from the signup page
			echo recaptcha_get_html($publickey);
        ?>
        <br />
        <input type="submit" name="Submit" value="Skicka" />
        <br />
        <br />
        </fieldset>
        </form>
	</div>

    <h2>Inlägg i gästboken</h2>
<?php
	$host="localhost"; // Host name
	$username="XXXXXXXX"; // Mysql username
	$password="YYYYYYYY"; // Mysql password
	$db_name="ZZZZZZZZ"; // Database name
	$tbl_name="guestbook"; // Table name
	
	// Connect to server and select database.
	mysql_connect("$host", "$username", "$password")or die("cannot connect server ");
	mysql_select_db("$db_name")or die("cannot select DB");
		
	$query="SELECT * FROM $tbl_name ORDER BY id DESC";
	$result=mysql_query($query);
	
	while($rows=mysql_fetch_array($result)){
		if ($rows[visible]) {
?>
            <div class="gb">
                <div class="title">
                    <div class="name">Insänt av: <strong><? echo $rows['name']; ?></strong></div>
                    <div class="datetime"><? echo $rows['datetime']; ?></div>
                    <div class="delete"><? echo "<a href=\"gastbok_dolj.php?id=" . $rows['id'] . "\">X</a>" ?></div>
                </div>
                <div class="comment"><? echo $rows['comment']; ?></div>
            </div>
<?
		}
	}
		
	mysql_close(); //close database
?>
	<!-- InstanceEndEditable -->
<?php include 'includes/bottom.php'; ?>
</body>
<!-- InstanceEnd --></html>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"><!-- InstanceBegin template="/Templates/template.dwt.php" codeOutsideHTMLIsLocked="false" -->
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<link rel="stylesheet" href="stylesheets/reset.css" type="text/css" />
<link rel="stylesheet" href="stylesheets/layout.css" type="text/css" />
<link rel="stylesheet" href="stylesheets/typography.css" type="text/css" />
<link rel="stylesheet" href="stylesheets/menu.css" type="text/css" />
<!-- InstanceBeginEditable name="doctitle" -->
<title>Kung Bore Underhållning | Skicka gästboksinlägg</title>
<!-- InstanceEndEditable -->
<!-- InstanceBeginEditable name="head" -->
<!-- InstanceEndEditable -->
</head>
<body>
<?php include 'includes/top.php'; ?>
	<!-- InstanceBeginEditable name="Content" -->
<?php

$host="localhost"; // Host name
$username="XXXXXXXX"; // Mysql username
$password="XXXXXXXX"; // Mysql password
$db_name="XXXXXXXX"; // Database name
$tbl_name="guestbook"; // Table name

// Connect to server and select database.
mysql_connect("$host", "$username", "$password")or die("Could not connect to MYSQL server");
mysql_select_db("$db_name")or die("Could not select database");

$safe_POST_NAME=mysql_real_escape_string($_POST["name"]);
$safe_POST_COMMENT=mysql_real_escape_string($_POST["comment"]);

$monthDict = array("Jan", "Feb", "Mar", "Apr", "Maj", "Jun", "Jul", "Aug", "Sep", "Okt", "Nov", "Dec");

$name = trim($safe_POST_NAME, " \t\n\r");
$comment = trim($safe_POST_COMMENT, " \t\n\r");
$datetime1 = date("j ");							// Day of month
$datetime2 = $monthDict[date("n")-1];				// Month grabbed from monthDict (-1 because date("n") starts at 1)
$datetime3 = date(" Y H:i");						// Year, hour and minute
$datetime = $datetime1 . $datetime2 . $datetime3;	// Full date




if (strlen($name)) {
	if (strlen($comment)) {
		require_once('phpfunctions/recaptchalib.php');
		$privatekey = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX";
		$resp = recaptcha_check_answer ($privatekey,
                                $_SERVER["REMOTE_ADDR"],
                                $_POST["recaptcha_challenge_field"],
                                $_POST["recaptcha_response_field"]);
		if ($resp->is_valid) {
		  $sql="INSERT INTO $tbl_name(name, comment, datetime, visible)VALUES('$name', '$comment', '$datetime', 1)";
			$result=mysql_query($sql);
			
			if ($result) {
				echo "<h1>Tack!</h1>";
				echo "<p>Din kommentar syns nu i <a href=\"gastbok.php\">gästboken.</a></p>";
			} else {
				echo "<h1>Fel!</h1>";
				echo "<p>SQL error. Var vänlig skicka ett mail till <a href=\"mailto:gustav.karlsson@gmail.com\">webmaster</a> och berätta om felet.</p>";
				echo "<a href=\"javascript:javascript:history.go(-1)\">Tillbaka</a>";
			}
			mysql_close();
		} else {
			echo "<h1>Fel kod</h1>";
			echo "<p>Koden du skrev in är felaktig, var god försök igen.</p>";
			echo "<a href=\"javascript:javascript:history.go(-1)\">Tillbaka</a>";
		}
		
	} else {
		echo "<h1>Fel!</h1>";
		echo "<p>Du måste skriva en kommentar.</p>";
		echo "<a href=\"javascript:javascript:history.go(-1)\">Tillbaka</a>";
	}
} else {
	echo "<h1>Fel!</h1>";
	echo "<p>Du måste fylla i ditt namn.</p>";
	echo "<a href=\"javascript:javascript:history.go(-1)\">Tillbaka</a>";
}

?>
	<!-- InstanceEndEditable -->
<?php include 'includes/bottom.php'; ?>
</body>
<!-- InstanceEnd -->
</html>