Magento now includes CSRF (Cross-Site Request Forgery) protection on publicly available forms such as the new user registration form. The goal of this is to make it impossible for anyone to POST to an URL without first visiting the corresponding form page. A token is supplied on this page that is sent along with the rest of the form to the server. The server validates the correctness of the token and responds in a sensible way if the token is correct. If the token is not however, the server ignores the POST request.
Adding CSRF token to a form
This feature has been added to the latest Magento version. The CSRF token is supplied to forms in the PHTML template files. These files however are often overwritten by themes or custom templates. To fix problems regarding missing CSRF tokens, make sure that the following line (or an equivalent one) is present in between the