I've included a small flash file as the attachment. Basically what it does is generate a hexadecimal value ranging from 0 to 4294967295. If you take a look at the attached file you should be able to see that the generated value does two things. Randomly orients the characters of the string in clockwise/counter-clockwise rotations and randomly blurs/sharpens the image. I'll be trying to use this in order to prevent illegal registration for the forum software I'm working on. So I've completed the first step (or at least what I think is the first step), which is generating a random verification stamp.

Now the "obstacle" I've come across is the following:
Given that I know how to pass this string to a php using a POST method. Would this somehow reveal the string publically and thus make the efforts of generating the stamp useless? In other words, how can I get this string to compare with the one input in the text field by the user, without giving it away?

Note: I would like to avoid the usage of sessions.

Well you need to have something to know if the number generated and the number given by the user are the same, otherwise there's no point. Cookies could work if you generate a unique ID and keep track of it. However Sessions work better as everything is there already for you.