Nonce check causing issues when creating new post

I know that this is not the only tutorial that has code that check nonce for meta boxes but this is truly idiotic. Nonce should be checked per the whole action not per parts of it and if your save_post hook was called it means that the save nonce was already checked and found valid, so There is no need for more security checks.

My advice is to simply remove anything related to nonce from your metabox code, but if you will feel better having it around just change the code to 

   // verify nonce
    if ( !isset($_POST[ 'my_meta_box_nonce' ]) || !wp_verify_nonce( $_POST[ 'my_meta_box_nonce' ], basename( __FILE__ ) ) ) 
       return $post_id;

which will bail out when no nonce was supplied or the nonce failed validation

Related Posts:

  1. How does nonce verification work?
  2. How to expire a nonce?
  3. Fatal error: Call to undefined function wp_create_nonce()
  4. How to add/retrieve the post trash link?
  5. Using nonce external of WP Admin
  6. Nonce best practices: hidden input vs. wp_localize_script?
  7. “The link you followed has expired” when previewing a post
  8. wp_verify_nonce keeps failing
  9. Handling nonce generation in AJAX registration process
  10. increase nonce lifespan
  11. wp_verify_nonce() via REST always returns false
  12. Nonce failing in IE
  13. my theme breaks WP export
  14. Why am I getting a 403 from check_admin_referer()?
  15. x-wp-nonce across domains
  16. wp_create_nonce doesn’t verify when using WP_List_Table
  17. Handling expired nonces
  18. What is really “wp_nonce_field” and how does it work? [duplicate]
  19. Cannot verify nonce
  20. wp_verify_nonce return false despite correct parameter passed
  21. WordPress JSON API nonces and Vue development server
  22. Verify a nonce in Form submission
  23. phpcs error in WordPress
  24. Stop WordPress nonces expiring
  25. Several nonces?
  26. Nonce for Trashing Item
  27. Nonce keeps failing
  28. Public posts – preventing duplicate form submissions
  29. How to obtain “wp_rest” nonce for WP Statistics plugin manually?
  30. WordPress “nonce” message
  31. CSP nonces with Cloudflare Workers
  32. Why are nonces working in Firefox but not in Chrome?
  33. wp_verfy_nonce keeps giving false
  34. Nonce – reissue with ajax poll
  35. wp_nonce_url generating invalid links
  36. How to insert wp_nonce field within echoed string
  37. Weird nonce validation problem
  38. Logout button in menu without “wp” in links
  39. Check nonce in the new bulk_edit_posts action
  40. nonce de sécurité invalide
  41. wp_verify_nonce vs check_admin_referer
  42. Do I need a nonce field for every meta box I add to my custom post type admin?
  43. Can I use the same nonce for multiple requests on the same page?
  44. How to get a unique nonce for each Ajax request?
  45. Nonce retrieved from the REST API is invalid and different from nonce generated in wp_localize_script
  46. Are Nonces Useless?
  47. How to use nonce with front end submission form?
  48. Extend WordPress (4.x) session and nonce
  49. Nonces can be reused multiple times? Bug / Security issue?
  50. How do WordPress Nonces Work?
  51. Nonces and Cache
  52. How do I create a user using the new JSON api in 4.7?
  53. AJAX nonce with check_ajax_referer()
  54. Verify nonce in REST API?
  55. Is wp_nonce_field vulnerable if you know the action name?
  56. Using nonce in menu item
  57. Is it safe to assume that a nonce may be validated more than once?
  58. Multiple ajax nonce requests
  59. What is nonce and how to use it with Ajax in WordPress? [duplicate]
  60. Do I require the use of nonce?
  61. Getting “The link you followed has expired” when adding custom post [closed]
  62. Should nonce be sanitized?
  63. Nonce in settings API with tabbed navigation
  64. Using Nonces for AJAX that only retrieves data
  65. WordPress REST API call generates nonce twice on every call
  66. WordPress “Link has expired” error on updating posts
  67. How to verify nonce from Bulk/Quick Edit in save_post?
  68. Handling nonces for actions from guests to logged-in users
  69. How to add WordPress nonces to ajax request
  70. Can I verify nonce which was generated on a different WP site?
  71. WordPress failure when logging out
  72. Reduce nonce lifespan
  73. Security – Ajax and Nonce use [closed]
  74. Headless WordPress: How to authenticate front end requests?
  75. Nonces and Ajax request to REST API and verification
  76. How to stop _wpnonce and _wp_http_referer from appearing in URL
  77. Ajax function returns -1
  78. Undefined index: at_nonce in custom post metabox
  79. Serving nonces through AJAX is not refreshing nonce, returning 403 error
  80. “Notice: Undefined index:” error when adding new content?
  81. WP REST API: check if user is logged in
  82. Custom Meta Boxes – Nonce Issue – Move to trash issue
  83. Security around save_post hook
  84. wp_verify_nonce always returns false when logged in as admin
  85. how to get nonce using json api
  86. ajax and nonce when JavaScript is in a seperate file
  87. Confusion on WP Nonce usage in my Plugin
  88. Properly applying nonce to a form using AJAX
  89. When is it useful to use wp_verify_nonce
  90. WordPress password reset – why post rp_key?
  91. wp_verify_nonce doesn’t return true on server when it matches the nonce
  92. How to save multiple metaboxes?
  93. Can’t GET draft posts via REST API from headless frontend
  94. Rest API invalid nonce with Backbone Client
  95. Nonce actions and names available via open source
  96. AJAX requests broken due to HTTPS for wp-admin
  97. Nonces, AJAX, script variables & security in WordPress
  98. Full page NGINX (or Cloudflare) caching and WordPress nonces
  99. Why does WordPress Heartbeat login not refresh the nonces?
  100. How to get the wpnonce value?
Hata!: SQLSTATE[HY000] [1045] Access denied for user 'divattrend_liink'@'localhost' (using password: YES)