Invalid Nonce Error

I has the same error, after update to new version. Please fix it

maybe it something with “submit” – because it is or don’t work or if work, submiting to long ( need more time to submit ) before update everything was fine – maybe error with that

Hello!

This issue should have been fixed in the latest release. Have in mind though that if the user leave the form open for hours(how many hours depends on your wordpress configuration but by default is 24 hours) and then the user tries to submit it this error might still occur because the security token used to confirm that the submission is valid would expire at that time.

Regards!

Today, had user get “Invalid nonce, please refresh your screen and try again” five times before the form was accepted ??

https://thefcba.com/apply-now/

Hello the invalid nonce error occurs when WordPress is unable to verify the security token, this can happen due these reasons:

1.- The form is kept open for hours and then submitted which will invalidate the security token and won’t let the submission to pass.
2.- The users open the form, then in another page they log in or log out of your site and then submit the form before refreshing the page that has the form. Logging in or logging out would also invalidate the wordpress security token which would also cause this message.
3.- Your site is configured to have a very small lifespan for the security token which would make make users that don’t submit the form fast enough to experience this message.
4.- You have a cache plugin that is caching the whole page for several days (including the javascirpt variables) which would cause the plugin to use an outdated plugin

So to fix it you could try:
1.- Increase the life span of the nonces, you can add this filter in the wp-config file of your site apply_filters( ‘nonce_life’, $day_in_seconds ); replace $day_in_seconds with a number which should be the number of seconds that you want it to last (so for example 172800 would last 2 days).
2.- Disable any cache plugin that you have and see if the error goes away, it this is the case then the problem is that the cache plugin is also cacheing the security token
3.- As a last resort you could disable the security validation by opening the file smart-forms-ajax.php and remove these lines:

if(!wp_verify_nonce($nonce,'save_form'))
{
    echo '{"message":"'.__("Invalid nonce, please refresh your screen and try again.").'","refreshCaptcha":"n","success":"n"}';
    die();
}

?
Again this would be just the last resort as removing this would make the plugin to not check if the form submission comes from a valid source.
?
Regards!

• This reply was modified 3 years, 2 months ago by EDGARROJAS.
• This reply was modified 3 years, 2 months ago by EDGARROJAS.

The problem seems to be intermittent as it does not happen consistently. Looking at plug-ins in general, there seems to be issues with caching plug-ins as they all seem to address the issue. They all indicate to reduce the cache time to less than the nonce time. I have set my cache time to 10 hours as I read that nonce is either set by default to 12 or 24 hours….

Can we change the phrasing of this please?
The use of the word ‘nonce’ has a very unfortunate meaning in English vernavular kanguage,