Settings from the admin form should be properly validated instead of "blindly trusting" values returned by the form.
The form should also use a nonce for enhanced security.
We should also check that the user has sufficient privilege to update the settings.
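
The three checks above combined in one settings handler, as an added example that is not the project's code. It is framework-agnostic Python; `save_settings`, the `manage_settings` capability, the HMAC nonce scheme and the setting names are all assumptions made for illustration.

```python
import hashlib
import hmac
import time

SECRET = b"constructed-demo-secret"  # constructed value; load from protected config
NONCE_WINDOW = 3600                   # assumed: nonce valid for 1 to 2 windows
ALLOWED_LAYOUTS = {"grid", "list"}    # hypothetical allow-list for one setting

def make_nonce(session_id, action, now=None):
    """Token bound to the session, the action and the current time window."""
    tick = int((time.time() if now is None else now) // NONCE_WINDOW)
    msg = f"{tick}|{session_id}|{action}".encode()
    return hmac.new(SECRET, msg, hashlib.sha256).hexdigest()

def verify_nonce(token, session_id, action, now=None):
    """Accept the current or previous window; compare in constant time."""
    now = time.time() if now is None else now
    return any(
        hmac.compare_digest(str(token).encode(), make_nonce(session_id, action, t).encode())
        for t in (now, now - NONCE_WINDOW)
    )

def validate_settings(form):
    """Return (clean, errors); only known keys with in-range values pass."""
    clean = {}
    title = str(form.get("title", "")).strip()
    if 0 < len(title) <= 80 and title.isprintable():
        clean["title"] = title
    raw = str(form.get("items_per_page", ""))
    if raw.isascii() and raw.isdigit() and len(raw) <= 3 and 1 <= int(raw) <= 100:
        clean["items_per_page"] = int(raw)
    layout = form.get("layout")
    if isinstance(layout, str) and layout in ALLOWED_LAYOUTS:
        clean["layout"] = layout
    errors = [k for k in ("title", "items_per_page", "layout") if k not in clean]
    return clean, errors

def save_settings(user, form, store):
    """Privilege check, then nonce check, then validation; write only if all pass."""
    if "manage_settings" not in user.get("capabilities", ()):
        return 403, ["insufficient privilege"]
    if not verify_nonce(form.get("_nonce", ""), user.get("session_id", ""), "update_settings"):
        return 403, ["invalid or expired nonce"]
    clean, errors = validate_settings(form)
    if errors:
        return 400, errors
    store.update(clean)  # unknown form keys never reach the store
    return 200, []
```
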