Sorry for so much bla-bla, but in an effort to give you as much and detailed info as possible to cut your search for the bug short, I just did more trials and errors in the "clean" test environment. After quite many registrations with different settings here's the culprit:
It only happens if
- Allow Free Registered Users: no
- Create Subscriptions also for free lifetime plans: yes
AND
- Purchasing a free plan with a negative fixed amount promotion applying to it (no conditions other than that)
As soon as I flip the mentioned yes/no settings or make them yes/yes, the password saves properly encrypted.
Also, if I leave the yes/no settings as here above but change the plan price from 0 to whatever, the password saves well encrypted, no matter if a negative or positive promotion gets applied.
BTW, "purchasing" free plans without any (negative) promotion does not cause any issues no matter what the settings above are.
It appears that it's only the setting "Allow Free Registered Users: no" causing it, during registration with a free plan plus negative fixed promo - at least as far as I can see after many trials.
So, wrap-up for reproduction:
1.) Settings as per my list here above, especially in CBSubs
- Allow Free Registered Users: no
- Create Subscriptions also for free lifetime plans: yes
2.) Create CBSub plan, exclusive or not, with regular price 0, make it available during registration.
3.) Create promotion for all purchases with fixed negative value, applying to the above plan.
4.) Sign-up with that plan selected.
5.) Once the basket has loaded, look up the password field for this new user in #__users, it'll be plain text.
Again, thanks in advance for fixing this.
beat
