I've got a problem that (I think) more people got.
I generate a rand() in my PHP script, and if the form that I created submits, I don't want to create a new rand(), what's he actually doing right now.
There is no other way than saving it in a session. It is very secure and easy to obtain. You can even unset the session after you're done verifying it!