1. If I type the correct captcha code but wrong email address, name and comments, the next page on email_form.php shows
We are very sorry, but there were error(s) found with the form your submitted. These errors appear below.

The Email Address you entered does not appear to be valid.
The First Name you entered does not appear to be valid.
The Last Name you entered does not appear to be valid.
The Comments you entered do not appear to be valid.


Please go back and fix these errors.

//But if I type everything correct but not typing the correct captcha code shows the next page this:
Thank you for contacting us. We will be in touch with you very soon.

Showing this makes adding captcha on my website useless and I don't know what is wrong here since I'm new at php. So could you explain where I did wrong and how to fix it???????
Thank you in advance!!
-----------------------contact.php-------------------------------

HTML Code:

<html>
<head>
<title>Untitled</title>
</head>
<body>
 
<?php
if (empty($_POST)) { ?>
<form name="contactform" method="post" action="email_form.php">
<table width="450px">
</tr>
<tr>
<td valign="top">
<label for="first_name">First Name *</label>
</td>
<td valign="top">
<input type="text" name="first_name" maxlength="18" size="30">
</td>
</tr>
 
<tr>
<td valign="top">
<label for="last_name">Last Name *</label>
</td>
<td valign="top">
<input type="text" name="last_name" maxlength="18" size="30">
</td>
</tr>
<tr>
<td valign="top">
<label for="email">Email Address *</label>
</td>
<td valign="top">
<input type="text" name="email" maxlength="24" size="30">
</td>
</tr>
<tr>
<td valign="top">
<label for="subject">Subject *</label>
</td>
<td valign="top">
<input type="text" name="subject" maxlength="24" size="30">
</td>
</tr>
 
<tr>
<td valign="top">
<label for="comments">Comments *</label>
</td>
<td valign="top">
<textarea name="comments" maxlength="1000" cols="25" rows="6"></textarea>
</td>
</tr>
</table>
 
 
<div style="width: 430px; float: left; height: 90px">
<img id="siimage" align="left" style="padding-right: 5px; border: 0" src="securimage_show.php?sid=<?php echo md5(time()) ?>" />
<object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="[URL]http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=9,0,0,0[/URL]" width="19" height="19" id="SecurImage_as3" align="middle">
<param name="allowScriptAccess" value="sameDomain" />
<param name="allowFullScreen" value="false" />
<param name="movie" value="securimage_play.swf?audio=securimage_play.php&bgColor1=#777&bgColor2=#fff&iconColor=#000&roundedCorner=5" />
<param name="quality" value="high" />
 
<param name="bgcolor" value="#ffffff" />
<embed src="securimage_play.swf?audio=securimage_play.php&bgColor1=#777&bgColor2=#fff&iconColor=#000&roundedCorner=5" quality="high" bgcolor="#ffffff" width="19" height="19" name="SecurImage_as3" align="middle" allowScriptAccess="sameDomain" allowFullScreen="false" type="application/x-shockwave-flash" pluginspage="[URL]http://www.macromedia.com/go/getflashplayer[/URL]" />
</object>
<br />
 
<!-- pass a session id to the query string of the script to prevent ie caching -->
<a tabindex="-1" style="border-style: none" href="#" title="Refresh Image" onClick="document.getElementById('siimage').src = 'securimage_show.php?sid=' + Math.random(); return false"><img src="http://www.webmaster-talk.com/images/refresh.gif" alt="Reload Image" border="0" onClick="this.blur()" align="bottom" /></a>
</div>
<div style="clear: both"></div>
Code:<br />
<!-- NOTE: the "name" attribute is "code" so that $img->check($_POST['code']) will check the submitted form field -->
<input type="text" name="code" size="12" />
<input type="submit" value="Submit Message" />
</form>
 
<?php
} else { //form is posted
include("securimage.php");
$img = new Securimage();
$valid = $img->check($_POST['code']);
if($valid == true) {
echo "<center>Thanks, you entered the correct code.<br />Click <a href=\"{$_SERVER['PHP_SELF']}\">here</a> to go back.</center>";
} else {
echo "<center>Sorry, the code you entered was invalid. <a href=\"javascript:history.go(-1)\">Go back</a> to try again.</center>";
}
}
?>
 
</body>
</html>

=================email_form.php=================== ==

HTML Code:

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "[URL]http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd[/URL]">
<html xmlns="[URL]http://www.w3.org/1999/xhtml[/URL]">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>
<body>
<?php
if(isset($_POST['email'])) {
 
// EDIT THE 2 LINES BELOW AS REQUIRED
$email_to = "[EMAIL="you@yourdomain.com"]you@yourdomain.com[/EMAIL]";
$email_subject = "Your email subject line";
 
 
function died($error) {
// your error code can go here
echo "We are very sorry, but there were error(s) found with the form your submitted. ";
echo "These errors appear below.<br /><br />";
echo $error."<br /><br />";
echo "Please go back and fix these errors.<br /><br />";
die();
}
 
// validation expected data exists
if(!isset($_POST['first_name']) ||
!isset($_POST['last_name']) ||
!isset($_POST['email']) ||
!isset($_POST['subject']) ||
!isset($_POST['comments'])) {
died('We are sorry, but there appears to be a problem with the form your submitted.'); 
}
 
$first_name = $_POST['first_name']; // required
$last_name = $_POST['last_name']; // required
$email_from = $_POST['email']; // required
$subject = $_POST['subject']; // required
$comments = $_POST['comments']; // required
 
$error_message = "";
$email_exp = "^[A-Z0-9._%-]+@[A-Z0-9.-]+\.[A-Z]{2,4}$";
if(!eregi($email_exp,$email_from)) {
$error_message .= 'The Email Address you entered does not appear to be valid.<br />';
}
$string_exp = "^[a-z .'-]+$";
if(!eregi($string_exp,$first_name)) {
$error_message .= 'The First Name you entered does not appear to be valid.<br />';
}
if(!eregi($string_exp,$last_name)) {
$error_message .= 'The Last Name you entered does not appear to be valid.<br />';
}
if(strlen($comments) < 2) {
$error_message .= 'The Comments you entered do not appear to be valid.<br />';
}
if(strlen($error_message) > 0) {
died($error_message);
}
$email_message = "Form details below.\n\n";
 
function clean_string($string) {
$bad = array("content-type","bcc:","to:","cc:","href");
return str_replace($bad,"",$string);
}
 
$email_message .= "First Name: ".clean_string($first_name)."\n";
$email_message .= "Last Name: ".clean_string($last_name)."\n";
$email_message .= "Email: ".clean_string($email_from)."\n";
$email_message .= "subject: ".clean_string($subject)."\n";
$email_message .= "Comments: ".clean_string($comments)."\n";
 
 
// create email headers
$headers = 'From: '.$email_from."\r\n".
'Reply-To: '.$email_from."\r\n" .
'X-Mailer: PHP/' . phpversion();
@mail($email_to, $email_subject, $email_message, $headers); 
?>
<!-- include your own success html here -->
Thank you for contacting us. We will be in touch with you very soon.
<?
}
?>
 
</body>
</html>

I don't understand how your captcha image is being used - Your pages are not using sessions so I don't see how it's possible.

I tried adding this to top of the page
<?php
session_start(); // Start the session where the code will be stored.
?>
to contact.php first, which didn't work then I added it to both pages but it didn't work either.
it's still the same..