You can hide the php file extension using .htaccess so that you can confuse the spammers and hackers .

You can use “asp” file to work as a “php” file ie use the extension “asp” for yourr file instead of “php”.

You jsut need to cerate a .htaccess file and ad the code shown below

# Make PHP code look like asp or perl code
AddType application/x-httpd-php .asp

After this create file “comment.asp” and with php codes in it.

Then load the page “comment.asp”