Feature: following bug 527, invitation confirmation should be validated only when the user validate his/her password, not when clicking the link in the email

[phil64]

Because the account is then confirmed, even if the user has not entered a password.

In InvitationController.php, in the function editAction at line 177, $user->setDisable(false) should be moved to the function updateAction, before line 236.

However, this implies that the updateAction function must accept a $user parameter that is not enabled.