in the validation code, 5 is the captcha validation.
$WAFV_Errors .= WAValidateLE((strtolower(isset($_POST["Security_Code"])?$_POST["Security_Code"]:"")) . "",((isset($_SESSION["captcha_Security_Code"]))?strtolower($_SESSION["captcha_Security_Code"]):"") . "",true,5);
if you examine the code for the captcha image:
<img src="webassist/captcha/wavt_captchasecurityimages.php?field=Security_Code_2&bgcolor=FFFF99&transparent=false&noisefreq=50&noisecolor=FFFFFF&noiseorder=0&gridfreq=25&gridcolor=99FFFF&gridorder=0&font=fonts/MYTYPE.TTF&characters=5&textcolor=FF0000" alt="Security Code" class="Captcha" />
one of the URL variables is named field:
field=Security_Code_2
this is used to set the name of the captcha session variable as:
captcha_[Field Value]
or in the case:
captcha_Security_Code_2
the validaton, though, is set to use the session named:
captcha_Security_Code
this is why the validation is failing.
on the thank you page, change the captcha va;idation code:
$WAFV_Errors .= WAValidateLE((strtolower(isset($_POST["Security_Code"])?$_POST["Security_Code"]:"")) . "",((isset($_SESSION["captcha_Security_Code"]))?strtolower($_SESSION["captcha_Security_Code"]):"") . "",true,5);
to:
$WAFV_Errors .= WAValidateLE((strtolower(isset($_POST["Security_Code"])?$_POST["Security_Code"]:"")) . "",((isset($_SESSION["captcha_Security_Code_2"]))?strtolower($_SESSION["captcha_Security_Code_2"]):"") . "",true,5);