Besides getting hold of a good software that'll do the job of actually generating the image, I'm confused as to how to actually put it on a webpage- since the program that'll generate the image will be on one particular webpage, and the program that does the *checking* will be on the *subsequent*, i.e. unrelated and separate page, how does it know what the correct letters and numbers are?

I hope I've clarified properly what my question is, if not, just ask

Thanks.

You can use session for it.

I trust that troop's answer was sufficient for you.

Essentially you can store the details within a session. Remember the session stays on the server and so it is not exposed to the user.

There is a Pear class that does this for you. You may want to check out the documentation.

Well really this brings us back to the fundamental question of how a session *works*, i.e. what's going *on* behind the scenes if I use PHP to create a session - can anyone explain? I've tried reading a book on the Net about it, but I'm still not clear (as I am unclear about cookies, as well). A session *uses* cookies, right?

An instance of a session is just a collection of information about that session. The particular collection is identified by a unique value stored in a cookie. Whenever the browser loads a page from a site (domain + path), it sends any unexpired cookies that it has collected for that site along with the HTTP request to the server. The content of the cookie associates that request with session-specific data that is stored on the server. The cookie is in some sense a lookup key to the session data. The server application used to fulfill the HTTP request can then use the data from the cookie to get the session-specific data, and compose the supplied page accordingly.
--- rod.

The user's browser sends cookies back and forth from the users computer to the server. The default PHP session cookie is called PHPSESSID and an example of what it contains would be 7no1o6s8b42q87si0tcl5jis02. You can check this pointing your browser to a website that uses standard PHP sessions and then view cookies. For Firefox (v3.5.8) go to Tools -> Page Info select the Security tab and then press the View Cookies button.

This cookie gets sent to the server and the contents, in the previous example "7no1o6s8b42q87si0tcl5jis02" will be used by the server to look up a file stored on the server, possibly with the same file name as the content, prefixed with sess_. The location of the session file is given in the php.ini under the session.save_path variable, on my home system it is set to:
Any value stored for this session will be held in this file. PHP allows you to alter the way sessions work, for example they could be stored on a database, the default cookie name can be modified and the way that the hash is generated can be modified (the default is an MD5 hash string). But generally the default settings are sufficient.