Hello

In CB versions before 1.8 the onAfterUserUpdate event was either not fired after a user clicked on the link in the confirmation email OR it was fired but the $userObject->password was NULL.

In 1.8 after clicking the confirmation link first the onAfterUserConfirm and then the onAfterUserUpdate is fired BUT $userObject->password contains the hash code you can find in the password field in the Joomla user table.

We are using a CB plugin to sync the passwords on different websites and this change makes it very hard to do because usually when onAfterUserUpdate is fired (if a user has updated his profile) the password field was null (password was not changed) or contained the real password - but never a hash.

Why was this changed? How can I tell that this event was fired right after onAfterUserConfirm and so I can ignore the password.

Regards

Carsten