UserrightsPage:
* Moving fetchUser() DB logic to fetchUser_real(), fetchUser() remains present as UI wrapper
* Introducing FETCHUSER_* error constants
* saveUserGroups() now takes a User/UserRightsProxy object rather than a username
* Also validating for groups the user already has (or doesn't have) using splitGroups()
* Fixing ignored parameter $reason in saveUserGroups()
ApiChangeRights:
* Now using UserrightsPage::fetchUser_real()
* Fixing fatal error from ApiResult::setIndexedTagName() when $params['addto'] or $params['rmfrom'] was false.