Nonce check causing issues when creating new post

I know that this is not the only tutorial that has code that check nonce for meta boxes but this is truly idiotic. Nonce should be checked per the whole action not per parts of it and if your save_post hook was called it means that the save nonce was already checked and found valid, so There is no need for more security checks.

My advice is to simply remove anything related to nonce from your metabox code, but if you will feel better having it around just change the code to 

   // verify nonce
    if ( !isset($_POST[ 'my_meta_box_nonce' ]) || !wp_verify_nonce( $_POST[ 'my_meta_box_nonce' ], basename( __FILE__ ) ) ) 
       return $post_id;

which will bail out when no nonce was supplied or the nonce failed validation

Related Posts:

  1. How does nonce verification work?
  2. How to expire a nonce?
  3. Fatal error: Call to undefined function wp_create_nonce()
  4. How to add/retrieve the post trash link?
  5. Using nonce external of WP Admin
  6. Nonce best practices: hidden input vs. wp_localize_script?
  7. “The link you followed has expired” when previewing a post
  8. wp_verify_nonce keeps failing
  9. Handling nonce generation in AJAX registration process
  10. increase nonce lifespan
  11. wp_verify_nonce() via REST always returns false
  12. Nonce failing in IE
  13. my theme breaks WP export
  14. Why am I getting a 403 from check_admin_referer()?
  15. x-wp-nonce across domains
  16. wp_create_nonce doesn’t verify when using WP_List_Table
  17. Handling expired nonces
  18. What is really “wp_nonce_field” and how does it work? [duplicate]
  19. Cannot verify nonce
  20. wp_verify_nonce return false despite correct parameter passed
  21. WordPress JSON API nonces and Vue development server
  22. Verify a nonce in Form submission
  23. phpcs error in WordPress
  24. Stop WordPress nonces expiring
  25. Several nonces?
  26. Nonce for Trashing Item
  27. Nonce keeps failing
  28. Public posts – preventing duplicate form submissions
  29. How to obtain “wp_rest” nonce for WP Statistics plugin manually?
  30. WordPress “nonce” message
  31. CSP nonces with Cloudflare Workers
  32. Why are nonces working in Firefox but not in Chrome?
  33. wp_verfy_nonce keeps giving false
  34. Nonce – reissue with ajax poll
  35. wp_nonce_url generating invalid links
  36. How to insert wp_nonce field within echoed string
  37. Weird nonce validation problem
  38. Logout button in menu without “wp” in links
  39. Do I need a nonce field for every meta box I add to my custom post type admin?
  40. Can I use the same nonce for multiple requests on the same page?
  41. How to get a unique nonce for each Ajax request?
  42. Nonce retrieved from the REST API is invalid and different from nonce generated in wp_localize_script
  43. How to use nonce with front end submission form?
  44. Extend WordPress (4.x) session and nonce
  45. Nonces and Cache
  46. AJAX nonce with check_ajax_referer()
  47. Verify nonce in REST API?
  48. What is nonce and how to use it with Ajax in WordPress? [duplicate]
  49. Getting “The link you followed has expired” when adding custom post [closed]
  50. Handling nonces for actions from guests to logged-in users
  51. How to add WordPress nonces to ajax request
  52. Can I verify nonce which was generated on a different WP site?
  53. Headless WordPress: How to authenticate front end requests?
  54. Nonces and Ajax request to REST API and verification
  55. How to stop _wpnonce and _wp_http_referer from appearing in URL
  56. “Notice: Undefined index:” error when adding new content?
  57. WP REST API: check if user is logged in
  58. wp_verify_nonce doesn’t return true on server when it matches the nonce
  59. How to save multiple metaboxes?
  60. Can’t GET draft posts via REST API from headless frontend
  61. Rest API invalid nonce with Backbone Client
  62. Verify Nonce returns false – Request Nonce returns correct value
  63. WordPress REST API, Expired Nonce from Cache results in 403 forbidden
  64. wp-admin AJAX with Fetch API is done without user
  65. Nonce generated 0-12 hours ago
  66. Passing a borrowed nonce through Postman fails
  67. permission_callback has no effect
  68. WP REST API – Nonce passes wp_verify_nonce even after logout
  69. Maximum lifetime for nonce
  70. Use of check_admin_referer with theme options and options.php
  71. Passing nonce at admin menu link
  72. “The link you followed has expired” & “Error while saving” messages when adding new post
  73. SSO autologin WordPress + Ajax
  74. Is nonce in PHP form and Ajax both necessary?
  75. Encountering “Wrong nonce. Action prohibitied.” when trying to alter User Role and unable to Post via WP Admin
  76. Nonce fails on ajax save
  77. Bypass nonce value while trashing a post
  78. My custom write panels won’t save data. What am I missing?
  79. Unable to successfully verify nonce
  80. How to verify nonces in bulk?
  81. Why do Metabox use Nonces?
  82. The Correct Way to Use Nonce Field without Settings API
  83. javascript ajax and nonce
  84. How to check nonce lifetime value of plugins?
  85. Does this code indicate an exploit?
  86. Using nonce when loading posts with AJAX
  87. Nonce failing with second argument
  88. Should wordpress nonce be placed in html form or in javascript file
  89. Extend Nonce Lifetime for Specific Nonce Creation
  90. Change button link to add nonce
  91. check_admin_referer not working in custom meta box for custom post type
  92. Ajax Security regarding user priviliges and nonces
  93. wp_nonce for Front-End submission form not working
  94. wp_verify_nonce fails always
  95. Nonce fail after second submit attempt
  96. custom metabox nonce verification fails
  97. How to use nonces for frontend AJAX voting if the page gets cached?
  98. Using Nonce for my Form
  99. Metabox nonce not allowing update
  100. Saving metabox updates causing fatal error
error code: 523