we have been using this code to run CAPTCHA on a web-based contact form, but there is a fail in it somewhere - can anyone see an obvious error?

Here is the error message:
Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home/galaxyin/public_html/templates/layer.php:5) in /home/galaxyin/public_html/pages/contact.php on line 2

this is the code:

<?php
session_start();
$envio = $_GET['sent'];
$contactname = $_POST['contactname'];
$email = $_POST['email'];
$phone = $_POST['phone'];
$message = $_POST['message'];
$txtCaptcha = $_POST['txtCaptcha'];
if ($envio==1)
{
$msg="";
// check the name
if(!$contactname=$_POST['contactname']) {$msg.="<span class='info'>Please enter your name</span><br>";}

// check and validate email
if(!eregi("^[a-z0-9]+([_\\.-][a-z0-9]+)*" ."@"."([a-z0-9]+([\.-][a-z0-9]+)*)+"."\\.[a-z]{2,}"."$",$email ))
{$msg.="<span class='info'>Please enter a valid email address</span><br>";}

if(!$phone=$_POST['phone']) {$msg.="<span class='info'>Please enter your phone</span><br>";}

if(!$message=$_POST['message']) {$msg.="<span class='info'>Please enter your message</span><br>";}

if ( ($_REQUEST["txtCaptcha"] == $_SESSION["security_code"]) &&
(!empty($_REQUEST["txtCaptcha"]) && !empty($_SESSION["security_code"])) ){}
else
{$msg.="<span class='info'>Please enter correct CAPTCHA!</span><br>"; }

if (!$msg)
{

// send admin email
$aem="Name: ".$contactname."\n";
$aem.="Email: ".$email."\n";
$aem.="Phone: ".$phone."\n";
$aem.="Message: ".$message."\n";
mail("", "[] Query! (".$contactname.")", $aem, "From:");
}
echo $msg;
}
?>
Here is the code: