Should I use wp_nonce_field on my contact form?

You should not. Nonce is used to protect against cross site request forgery attacks (CSRF) in which another aite tries to trick you into submitting a form to your site which will perform some hostile action. Nonces are unique value that can be generated only by a specific site at a specific time and therefor … Read more

WordPress tabindex Order

The “Skip to toolbar” in the WP Navbar comes tabindex attribute set to 1; I really think it is correct because it is the first visual element when the navbar is active. The problem is that the HTML of the navbar isn’t really the first in the source code, it is in the footer, so … Read more

Java code/ JSP page in wordpress

No. WordPress is written in PHP which is not Java. Maybe you can configure your webserver in a way to proxy a certain URL to be handled by some Java Server, but this is definitely not a WordPress issue and would be off topic here. You can try with sister sites like https://serverfault.com/ though.

Use $_POST data in functions.php

Try adding you query variable to the public query variable list like this. function wp280272_query_vars($vars) { $vars[] = ‘currency’; return $vars; } add_filter( ‘query_vars’, ‘wp280272_query_vars’ ); you then can access it via get_query_var(‘currency’);

textarea field is getting escaped for some unknown reason

WordPress always adds magic quotes regardless of server settings. This ensures consistency regardless of the environment. Even though magic quotes has been removed or deprecated from PHP, WordPress keeps this behaviour for backwards compatibility with older versions of PHP and plugins that were written with older versions of PHP in mind. If you want to … Read more

nonce in custom form is not verifying

Not sure if this answers the question, but you should call wp_nonce_field() with the fourth parameter ($echo) set to false: // You are concatenating or not directly echoing the output, so: . wp_nonce_field( ‘register’, ‘registration_nonce’, true, false ) . And I said “not sure” because you said the posted data ($_POST) did include the nonce … Read more