There are many ways to block spam comments in PHP, but this way is the most simple and effective I've found so far. It consists on using Javascript to create a cookie inside the visitor's PC. If the session won't start, there's a big chance the visitor isn't human, since most bots don't run Javascript and don't store cookies.
1. Insert this code in the header of your website:
<script text="javascript">
document.cookie =
"human=" + encodeURIComponent("yes") +
"; max-age=" + 60*60*24*30 +
"; path=/; domain=yourwebsite.com" ;
</script>
2. When a visitor sends the comment, use this code to process it:
if ($_COOKIE['human'] == 'yes') {
// there is a cookie, and the comment is accepted
} else {
// there is no cookie, and the comment is rejected
}