Still looking for an answer for this. Can somebody please, PLEASE confirm if this tag ($this->enableSpamProtection();) is in the correct place, and if not where it should be? Be great to know if I've made a simple fundamental error and once fixed, all will be well... thnx!

<?php
//
class ContactForm extends Form{

    public function __construct($controller, $name) {
    
	$fields = new FieldList(
		$dataFields = new CompositeField(
		TextField::create("Name", _t('ContactForm.YOURNAME', 'Your name'))
			->setCustomValidationMessage(_t('ContactForm.YOURNAME_MESSAGE_REQUIRED', 'Please enter your name'))
			->setAttribute('data-message-required', _t('ContactForm.YOURNAME_MESSAGE_REQUIRED', 'Please enter your name')),

		EmailField::create("Email", _t('ContactController.EMAILADDRESS', "Your email address"))
			->setCustomValidationMessage(_t('ContactForm.EMAILADDRESS_MESSAGE_REQUIRED', 'Please enter your email address'))
			->setAttribute('data-message-required', _t('ContactForm.EMAILADDRESS_MESSAGE_REQUIRED', 'Please enter your email address'))
			->setAttribute('data-message-email', _t('ContactForm.EMAILADDRESS_MESSAGE_EMAIL', 'Please enter a valid email address')),


		TextareaField::create("Comment", _t('ContactController.COMMENTS', "Comments"))
			->setCustomValidationMessage(_t('ContactForm.COMMENT_MESSAGE_REQUIRED', 'Please enter your comment'))
				->setAttribute('data-message-required', _t('ContactForm.COMMENT_MESSAGE_REQUIRED', 'Please enter your comment'))
		),			
		
		HiddenField::create("ReturnURL")			
	);

	$dataFields->addExtraClass('data-fields');
	
	$this->enableSpamProtection();
	
	$recaptchaField = new RecaptchaField('MyCaptcha');
	//$recaptchaField->jsOptions = array('theme' => 'clean'); // optional

	// save actions
	$actions = new FieldList(
		new FormAction("doPostContact", _t('ContactForm.POST', 'Post'))
	);
	
	// required fields for server side
	$required = new RequiredFields(array(
		'Name',
		'Email',
		'Comment'
	));
	
	$this->setAttribute('novalidate','novalidate');

	// Set it so the user gets redirected back down to the form upon form fail
	//$this->setRedirectToFormOnValidationError(true);		
	
    
         
        parent::__construct($controller, $name, $fields, $actions, $required);
    }
    
    	/**
	 * Process which creates a {@link Comment} once a user submits a comment from this form.
	 *
	 * @param array $data 
	 * @param Form $form
	 */
	public function doPostContact($data, $form) {		
		
		// extend hook to allow extensions. Also see onAfterPostComment
		//$this->extend('onBeforePostComment', $form);			
		
		
		$config = SiteConfig::current_site_config();
		
		// send  mail
		$email = $config->MailTo;
		$from = $data['Email'];
		$to = $email;
		

		$config->Title;
		$subject = "Contact Form - ".$config->Title;
		$email = new Email($from, $to, $subject);
		$email->setTemplate('ContactEmail');
		$email->populateTemplate($data);
		$email->send();    
		
		// set session
		Session::set('MailSent', true);		

		// extend hook to allow extensions. Also see onBeforePostComment
		//$this->extend('onAfterPostComment', $contact);					
		

		$url = (isset($data['ReturnURL'])) ? $data['ReturnURL'] : false;
		
		return Controller::curr()->redirectBack($url);
			
		
		//return ($url) ? $this->redirect($url) : $this->redirectBack();	
		
		
	}
	
	public function forTemplate() {
	    return $this->renderWith(array($this->class, 'Form'));
	}	
	
	public function SuccessMessage(){
	  
	  if(Session::get('MailSent')){
  		$config = SiteConfig::current_site_config();
		$message = $config->SubmitText;
		Session::clear('MailSent');   		
		return $message;
	  }	  
	  return null;
	  
	}
}

I think this might be in the wrong place, have you tried putting it outside the $fields = new FieldList() object? Alternatively I think you could enable spam protection via the Configuration system yaml.

Thanks for your comment Cam. Unfortunately putting code outside new FieldList object gives me a 500 server error...

Not sure how to implement in the YAML... I'm guessing it's not the command I'm using here!

BTW I think SilverStripe is a great product... really easy to implement a SilverStripe backend onto my HTML and CSS. Unfortunately it's things like this that really foul me up - my knowledge of PHP isn't great. Would you guys be interested in giving courses on PHP as it pertains to SilverStripe for us non-programmers ; )

Have you checked the spam protection addon documentation, if you look at here https://github.com/silverstripe/silverstripe-spamprotection#configuring

It shows that actually you need to invoke the ->enableSpamProtection(); after your form class is instantiated.

Actually there is a good interactive PHP course (not SilverStipe specific and very worth while) at http://www.codecademy.com/en/tracks/php

Thanks again Cam -- I have been to this page and invoked this command before -- started here and tried to follow it to the letter and that was when I first struck the 500 error!

I'll check out the codecademy link -- may be just what I need! There are so many tutorials online it's hard to know if I'm following a good one, so a recommendation is always handy!