Enforce WordPress Coding Standards compliance #231

@akshayurankar48

Description

The plugin's PHP files have multiple WordPress Coding Standards (WPCS) violations that should be fixed for consistency, security hardening, and maintainability.

Issues Found

High Priority

  • Loose comparisons (80+ instances): Using == / != instead of strict === / !== across all files. This can cause type juggling bugs.
  • Missing ABSPATH guards: 5 files (functions.php, init.php, settings.php, meta-boxes.php, admin/index.php) lack direct access protection.
  • Unsanitized nonce values: $_POST nonce values passed directly to wp_verify_nonce() without sanitize_text_field( wp_unslash() ) in admin/index.php.
  • Non-Yoda conditions: Variable on left side of comparisons instead of constant-first pattern.
  • Missing strict flag in in_array(): Multiple calls without true as third parameter.

Medium Priority

  • print + exit instead of wp_die(): Used for nonce failure in admin settings handlers.
  • Raw header() redirect: Should use wp_safe_redirect().
  • Unescaped site_url() output: Missing esc_url() wrapper.
  • Closing ?> PHP tags: Present in PHP-only files, risking whitespace injection.

Low Priority

  • Equals sign alignment: Minor formatting issues in multi-line assignments.
  • Double blank lines: Extra whitespace in several files.
  • Inline comment formatting: Trailing // on comments.

Files Affected

  • functions.php
  • init.php
  • index.php
  • admin/index.php
  • settings.php
  • meta-boxes.php

Expected Behavior

All PHP files should pass PHPCS with the phpcs.xml.dist ruleset with zero errors and zero warnings.
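An added example, not code from this plugin, showing what an admin settings handler looks like once the high- and medium-priority items listed above are applied together. The `myplugin_` function, nonce, option and field names, the allowed values and the settings page slug are all hypothetical; the WordPress functions are the ones the issue names plus standard core helpers.

```php
<?php
/**
 * Added example: hypothetical settings handler. All "myplugin_" names are assumptions.
 */

// ABSPATH guard: do nothing if the file is requested directly.
if ( ! defined( 'ABSPATH' ) ) {
	exit;
}

function myplugin_save_settings() {
	// Unslash and sanitize the nonce before handing it to wp_verify_nonce().
	$nonce = isset( $_POST['myplugin_nonce'] )
		? sanitize_text_field( wp_unslash( $_POST['myplugin_nonce'] ) )
		: '';

	// wp_die() instead of print + exit on nonce failure.
	if ( ! wp_verify_nonce( $nonce, 'myplugin_save_settings' ) ) {
		wp_die( esc_html__( 'Security check failed.', 'myplugin' ), '', array( 'response' => 403 ) );
	}

	$mode = isset( $_POST['myplugin_mode'] )
		? sanitize_text_field( wp_unslash( $_POST['myplugin_mode'] ) )
		: '';

	// Constructed allow-list. The third argument makes in_array() compare type as well as value.
	$allowed_modes = array( 'off', 'on', 'auto' );

	// Yoda condition with a strict operator: constant first, no type juggling.
	if ( '' !== $mode && in_array( $mode, $allowed_modes, true ) ) {
		update_option( 'myplugin_mode', $mode );
	}

	// wp_safe_redirect() instead of a raw header( 'Location: ...' ); it only allows permitted hosts.
	wp_safe_redirect( admin_url( 'options-general.php?page=myplugin' ) );
	exit;
}
add_action( 'admin_post_myplugin_save_settings', 'myplugin_save_settings' );

function myplugin_render_site_link() {
	// Escape site_url() at the point of output.
	printf( '<a href="%s">%s</a>', esc_url( site_url() ), esc_html__( 'Visit site', 'myplugin' ) );
}

// No closing PHP tag: stray whitespace after it would be sent as output before headers.
```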
