<?php
$ua = $_SERVER['HTTP_USER_AGENT'];
if (stristr($ua, 'msnbot') || stristr($ua, 'googlebot')) {
	//it's pretending to be MSN's bot or Google's bot
	$ip = $_SERVER['REMOTE_ADDR'];
	$hostname = gethostbyaddr($ip);
	if(!preg_match("/\.googlebot\.com$/", $hostname) && !preg_match("/search\.live\.com$/", $hostname)){
		//the hostname does not belong to either live.com or googlebot.com.
		//Remember the UA already said it is either MSNBot or Googlebot.
		//So it's a spammer.
		echo "Please leave";
	} else {
		//Now we have a hit that half-passes the check. One last go:
		$real_ip = gethostbyname($hostname);
		if ($ip != $real_ip) {
			//spammer!
			echo "Please leave";
		} else {
			//real bot
			echo "Welcome!";
		}
	}
}
?>