The Access rules manager cannot use recordset or form data in creating the rules. instead of creating rules in security assist and using the security Assist show if behavior, you will to hand code If statements manually
For example, to compare the session against the recordset:
<?php if(isset($_SESSION['email']) && $_SESSION['email'] != "" && $row_WADAorders['email'] != "" && $_SESSION['email'] == $row_WADAorders['email']) { ?>
...Do something...
<?php } ?>
or for comparing the session to the owner email form element.
<?php if(isset($_SESSION['email']) && $_SESSION['email'] != "" && isset($_POST["owneremail"]) && $_POST["owneremail"] != "" && $_SESSION['email'] == $_POST["owneremail"]) { ?>
...Do something...
<?php } ?>