Random WordPress notes

1. To make sure no one can access your plugin files directly, add this line at the very top of your plugin code:
   if ( ! defined( 'ABSPATH' ) ) exit; // Exit if accessed directly
2. To validate the the contents of the form request came from the current site and not somewhere else, use nonce field