Fix bug in moveTo() with $auth=false and $createRedirect=false
Even when $auth=false, moveToInternal() would unconditionally check
$wgUser's 'suppressredirect' permissions and override $createRedirect.
This means it was impossible to suppress redirect creation when moving
pages in a maintenance script, even when telling moveTo() to disable
permissions checks.
Fixed by moving the check from moveToInternal() up into moveTo() and
respecting $auth there
Change-Id: I9b52dc67c7ae2dbda3ca62f78d4d7df118771c0f