3 files changed, 39 insertions, 1 deletions

diff --git a/classes/File.php b/classes/File.php
index 9758cf7f5..e04a9d525 100644
--- a/classes/File.php
+++ b/classes/File.php
@@ -94,7 +94,13 @@ class File extends Memcached_DataObject
             $file_redir = File_redirection::staticGet('url', $given_url);
             if (empty($file_redir)) {
                 $redir_data = File_redirection::where($given_url);
-                $redir_url = $redir_data['url'];
+                if (is_array($redir_data)) {
+                    $redir_url = $redir_data['url'];
+                } elseif (is_string($redir_data)) {
+                    $redir_url = $redir_data;
+                } else {
+                    throw new ServerException("Can't process url '$given_url'");
+                }
                 // TODO: max field length
                 if ($redir_url === $given_url || strlen($redir_url) > 255) {
                     $x = File::saveNew($redir_data, $given_url);
diff --git a/classes/File_redirection.php b/classes/File_redirection.php
index 76b18f672..79052bf7d 100644
--- a/classes/File_redirection.php
+++ b/classes/File_redirection.php
@@ -79,6 +79,9 @@ class File_redirection extends Memcached_DataObject
             }
         }
 
+        if(strpos($short_url,'://') === false){
+            return $short_url;
+        }
         $curlh = File_redirection::_commonCurl($short_url, $redirs);
         // Don't include body in output
         curl_setopt($curlh, CURLOPT_NOBODY, true);
diff --git a/classes/User.php b/classes/User.php
index 5e74c7fde..3f7ed09bb 100644
--- a/classes/User.php
+++ b/classes/User.php
@@ -711,4 +711,33 @@ class User extends Memcached_DataObject
 
         return true;
     }
+
+    /**
+     * Does this user have the right to do X?
+     *
+     * With our role-based authorization, this is merely a lookup for whether the user
+     * has a particular role. The implementation currently uses a switch statement
+     * to determine if the user has the pre-defined role to exercise the right. Future
+     * implementations may allow per-site roles, and different mappings of roles to rights.
+     *
+     * @param $right string Name of the right, usually a constant in class Right
+     * @return boolean whether the user has the right in question
+     */
+
+    function hasRight($right)
+    {
+        $result = false;
+        if (Event::handle('UserRightsCheck', array($this, $right, &$result))) {
+            switch ($right)
+            {
+             case Right::deleteOthersNotice:
+                $result = $this->hasRole('moderator');
+                break;
+             default:
+                $result = false;
+                break;
+            }
+        }
+        return $result;
+    }
 }