Revert "Do not use htmlspecialchars in widgets"

This reverts commit 2ff43abcf5860f4002d4fbb2aee930b22ab93ea6.

`Widget::escape()' does not exist. But `Widget::view()::espcae()' does.

library/Icinga/Web/Widget/AbstractWidget.php

@@ -118,7 +118,7 @@ abstract class AbstractWidget
         try {
             $html = $this->render($this->view());
         } catch (Exception $e) {
-            return $this->escape($e->getMessage());
+            return htmlspecialchars($e->getMessage());
         }
         return (string) $html;
     }

library/Icinga/Web/Widget/AlertMessageBox.php

@@ -124,7 +124,7 @@ class AlertMessageBox extends AbstractWidget
             $alert = $this->states[$level];
             $html .= '<div class="alert ' . $alert['state']. '">' .
                 $this->view()->icon($alert['icon']) .
-                '<strong>' . $this->escape($message->getMessage()) . '</strong>' .
+                '<strong>' . htmlspecialchars($message->getMessage()) . '</strong>' .
             '</div>';
         }
         return $html;

library/Icinga/Web/Widget/Chart/InlinePie.php

@@ -24,7 +24,7 @@ class InlinePie extends AbstractWidget
     const NUMBER_FORMAT_TIME = 'time';
     const NUMBER_FORMAT_BYTES = 'bytes';
     const NUMBER_FORMAT_RATIO = 'ratio';
-
+        
     /**
      * The template string used for rendering this widget
      * The template string used for rendering this widget
@@ -137,7 +137,7 @@ EOD;
      * @var string
      */
     private $tooltipFormat = '<b>{{title}}</b></br> {{label}}: {{formatted}} ({{percent}}%)';
-
+    
     /**
      * The number format used to render numeric values in tooltips
      *
@@ -212,7 +212,7 @@ EOD;
     {
         $this->format = $format;
     }
-
+    
     /**
      * A format string used to render the content of the piechart tooltips
      *
@@ -346,11 +346,11 @@ EOD;
     {
         $template = $this->template;
         $template = str_replace('{url}', $this->url, $template);
-
+        
         // style
         $template = str_replace('{width}', $this->width, $template);
         $template = str_replace('{height}', $this->height, $template);
-        $template = str_replace('{title}', $this->escape($this->title), $template);
+        $template = str_replace('{title}', htmlspecialchars($this->title), $template);
         $template = str_replace('{style}', $this->style, $template);
         $template = str_replace('{colors}', implode(',', $this->colors), $template);
         $template = str_replace('{borderWidth}', $this->borderWidth, $template);
@@ -370,9 +370,9 @@ EOD;
         foreach ($this->data as $key => $value) {
             $formatted[$key] = $this->formatValue($value);
         }
-        $template = str_replace('{data}', $this->escape(implode(',', $data)), $template);
+        $template = str_replace('{data}', htmlspecialchars(implode(',', $data)), $template);
-        $template = str_replace('{formatted}', $this->escape(implode('|', $formatted)), $template);
+        $template = str_replace('{formatted}', htmlspecialchars(implode('|', $formatted)), $template);
-        $template = str_replace('{labels}', $this->escape($this->createLabelString()), $template);
+        $template = str_replace('{labels}', htmlspecialchars($this->createLabelString()), $template);
         $template = str_replace('{tooltipFormat}', $this->tooltipFormat, $template);
         return $template;
     }

library/Icinga/Web/Widget/Tabs.php

@@ -259,7 +259,7 @@ EOT;
         try {
             $html = $this->render(Icinga::app()->getViewRenderer()->view);
         } catch (Exception $e) {
-            return $this->escape($e->getMessage());
+            return htmlspecialchars($e->getMessage());
         }
         return $html;
     }