From f7ff76bf7d0c793314e1a715fbf049e4bee6558b Mon Sep 17 00:00:00 2001
From: Alex Cabal <alex@alexcabal.com>
Date: Wed, 17 Jan 2024 16:04:30 -0600
Subject: [PATCH] Rename some Formatter functions for clarity

---
 lib/Ebook.php                         | 20 ++++----
 lib/Formatter.php                     |  4 +-
 templates/ArtworkForm.php             | 30 +++++------
 templates/ArtworkStatus.php           |  2 +-
 templates/AtomFeed.php                |  8 +--
 templates/AtomFeedEntry.php           | 14 +++---
 templates/BulkDownloadTable.php       |  8 +--
 templates/EbookGrid.php               | 12 ++---
 templates/EmailAdminNewPatron.php     |  8 +--
 templates/EmailAdminNewPatronText.php |  8 +--
 templates/EmailHeader.php             |  2 +-
 templates/Error.php                   |  2 +-
 templates/Header.php                  | 12 ++---
 templates/OpdsAcquisitionEntry.php    | 24 ++++-----
 templates/OpdsAcquisitionFeed.php     | 10 ++--
 templates/OpdsNavigationFeed.php      | 18 +++----
 templates/RssEntry.php                | 12 ++---
 templates/RssFeed.php                 |  8 +--
 templates/SearchForm.php              |  4 +-
 www/about/index.php                   |  2 +-
 www/artworks/get.php                  | 30 +++++------
 www/artworks/index.php                |  2 +-
 www/bulk-downloads/collection.php     | 14 +++---
 www/collections/index.php             |  2 +-
 www/ebooks/author.php                 |  2 +-
 www/ebooks/ebook.php                  | 72 +++++++++++++--------------
 www/ebooks/index.php                  | 14 +++---
 www/feeds/atom/search.php             |  2 +-
 www/feeds/collection.php              |  4 +-
 www/feeds/get.php                     |  4 +-
 www/feeds/opds/search.php             |  2 +-
 www/feeds/rss/search.php              |  2 +-
 www/newsletter/subscriptions/new.php  |  2 +-
 www/polls/get.php                     |  2 +-
 www/polls/index.php                   |  4 +-
 www/polls/votes/get.php               |  4 +-
 www/polls/votes/index.php             |  2 +-
 www/polls/votes/new.php               |  8 +--
 www/sessions/new.php                  |  8 +--
 39 files changed, 194 insertions(+), 194 deletions(-)

diff --git a/lib/Ebook.php b/lib/Ebook.php
index ca191246..a287069c 100644
--- a/lib/Ebook.php
+++ b/lib/Ebook.php
@@ -489,7 +489,7 @@ class Ebook{
 		$this->AuthorsHtml = $this->GenerateContributorList($this->Authors, true);
 
 		// Now the complete title with credits.
-		$this->TitleWithCreditsHtml = Formatter::ToPlainText($this->Title) . ', by ' . str_replace('&amp;', '&', $this->AuthorsHtml . $titleContributors);
+		$this->TitleWithCreditsHtml = Formatter::EscapeHtml($this->Title) . ', by ' . str_replace('&amp;', '&', $this->AuthorsHtml . $titleContributors);
 	}
 
 
@@ -671,30 +671,30 @@ class Ebook{
 
 			if($contributor->WikipediaUrl){
 				if($includeRdfa){
-					$string .= '<a property="' . $role . '" typeof="schema:Person" href="' . Formatter::ToPlainText($contributor->WikipediaUrl) .'"><span property="schema:name">' . Formatter::ToPlainText($contributor->Name) . '</span>';
+					$string .= '<a property="' . $role . '" typeof="schema:Person" href="' . Formatter::EscapeHtml($contributor->WikipediaUrl) .'"><span property="schema:name">' . Formatter::EscapeHtml($contributor->Name) . '</span>';
 
 					if($contributor->NacoafUrl){
-						$string .= '<meta property="schema:sameAs" content="' . Formatter::ToPlainText($contributor->NacoafUrl) . '"/>';
+						$string .= '<meta property="schema:sameAs" content="' . Formatter::EscapeHtml($contributor->NacoafUrl) . '"/>';
 					}
 				}
 				else{
-					$string .= '<a href="' . Formatter::ToPlainText($contributor->WikipediaUrl) .'">' . Formatter::ToPlainText($contributor->Name);
+					$string .= '<a href="' . Formatter::EscapeHtml($contributor->WikipediaUrl) .'">' . Formatter::EscapeHtml($contributor->Name);
 				}
 
 				$string .= '</a>';
 			}
 			else{
 				if($includeRdfa){
-					$string .= '<span property="' . $role . '" typeof="schema:Person"><span property="schema:name">' . Formatter::ToPlainText($contributor->Name) . '</span>';
+					$string .= '<span property="' . $role . '" typeof="schema:Person"><span property="schema:name">' . Formatter::EscapeHtml($contributor->Name) . '</span>';
 
 					if($contributor->NacoafUrl){
-						$string .= '<meta property="schema:sameAs" content="' . Formatter::ToPlainText($contributor->NacoafUrl) . '"/>';
+						$string .= '<meta property="schema:sameAs" content="' . Formatter::EscapeHtml($contributor->NacoafUrl) . '"/>';
 					}
 
 					$string .= '</span>';
 				}
 				else{
-					$string .= Formatter::ToPlainText($contributor->Name);
+					$string .= Formatter::EscapeHtml($contributor->Name);
 				}
 			}
 
@@ -736,14 +736,14 @@ class Ebook{
 				$string .= '<div property="' . $role . '" typeof="schema:Person">' . "\n";
 			}
 
-			$string .= '<meta property="schema:name" content="' . Formatter::ToPlainText($contributor->Name) . '"/>' . "\n";
+			$string .= '<meta property="schema:name" content="' . Formatter::EscapeHtml($contributor->Name) . '"/>' . "\n";
 
 			if($contributor->WikipediaUrl){
-				$string .= '<meta property="schema:sameAs" content="' . Formatter::ToPlainText($contributor->WikipediaUrl) . '"/>' . "\n";
+				$string .= '<meta property="schema:sameAs" content="' . Formatter::EscapeHtml($contributor->WikipediaUrl) . '"/>' . "\n";
 			}
 
 			if($contributor->NacoafUrl){
-				$string .= '<meta property="schema:sameAs" content="' . Formatter::ToPlainText($contributor->NacoafUrl) . '"/>' . "\n";
+				$string .= '<meta property="schema:sameAs" content="' . Formatter::EscapeHtml($contributor->NacoafUrl) . '"/>' . "\n";
 			}
 
 			$string .= '</div>';
diff --git a/lib/Formatter.php b/lib/Formatter.php
index 509fdea2..c00f1acf 100644
--- a/lib/Formatter.php
+++ b/lib/Formatter.php
@@ -32,11 +32,11 @@ class Formatter{
 		return $text;
 	}
 
-	public static function ToPlainText(?string $text): string{
+	public static function EscapeHtml(?string $text): string{
 		return htmlspecialchars(trim($text ?? ''), ENT_QUOTES, 'utf-8');
 	}
 
-	public static function ToPlainXmlText(?string $text): string{
+	public static function EscapeXml(?string $text): string{
 		return htmlspecialchars(trim($text ?? ''), ENT_QUOTES|ENT_XML1, 'utf-8');
 	}
 
diff --git a/templates/ArtworkForm.php b/templates/ArtworkForm.php
index fa41e691..a70f1911 100644
--- a/templates/ArtworkForm.php
+++ b/templates/ArtworkForm.php
@@ -20,9 +20,9 @@ $now = new DateTime('now', new DateTimeZone('America/Juneau')); // Latest contin
 		<span>For existing artists, leave the year of death blank.</span>
 		<datalist id="artist-names">
 			<? foreach(Library::GetAllArtists() as $artist){ ?>
-				<option value="<?= Formatter::ToPlainText($artist->Name) ?>"><?= Formatter::ToPlainText($artist->Name) ?>, d. <? if($artist->DeathYear !== null){ ?><?= $artist->DeathYear ?><? }else{ ?>unknown<? } ?></option>
+				<option value="<?= Formatter::EscapeHtml($artist->Name) ?>"><?= Formatter::EscapeHtml($artist->Name) ?>, d. <? if($artist->DeathYear !== null){ ?><?= $artist->DeathYear ?><? }else{ ?>unknown<? } ?></option>
 				<? foreach($artist->AlternateSpellings as $alternateSpelling){ ?>
-					<option value="<?= Formatter::ToPlainText($alternateSpelling) ?>"><?= Formatter::ToPlainText($alternateSpelling) ?>, d. <? if($artist->DeathYear !== null){ ?><?= Formatter::ToPlainText($artist->DeathYear) ?><? }else{ ?>unknown<? } ?></option>
+					<option value="<?= Formatter::EscapeHtml($alternateSpelling) ?>"><?= Formatter::EscapeHtml($alternateSpelling) ?>, d. <? if($artist->DeathYear !== null){ ?><?= Formatter::EscapeHtml($artist->DeathYear) ?><? }else{ ?>unknown<? } ?></option>
 				<? } ?>
 			<? } ?>
 		</datalist>
@@ -32,7 +32,7 @@ $now = new DateTime('now', new DateTimeZone('America/Juneau')); // Latest contin
 			list="artist-names"
 			required="required"
 			autocomplete="off"
-			value="<?= Formatter::ToPlainText($artwork->Artist->Name) ?>"
+			value="<?= Formatter::EscapeHtml($artwork->Artist->Name) ?>"
 		/>
 	</label>
 	<label>
@@ -44,7 +44,7 @@ $now = new DateTime('now', new DateTimeZone('America/Juneau')); // Latest contin
 			name="artist-year-of-death"
 			inputmode="numeric"
 			pattern="[0-9]+"
-			value="<?= Formatter::ToPlainText($artwork->Artist->DeathYear) ?>"
+			value="<?= Formatter::EscapeHtml($artwork->Artist->DeathYear) ?>"
 		/>
 	</label>
 </fieldset>
@@ -53,7 +53,7 @@ $now = new DateTime('now', new DateTimeZone('America/Juneau')); // Latest contin
 	<label>
 		Name
 		<input type="text" name="artwork-name" required="required"
-		       value="<?= Formatter::ToPlainText($artwork->Name) ?>"/>
+		       value="<?= Formatter::EscapeHtml($artwork->Name) ?>"/>
 	</label>
 	<fieldset>
 		<label>
@@ -63,7 +63,7 @@ $now = new DateTime('now', new DateTimeZone('America/Juneau')); // Latest contin
 				name="artwork-year"
 				inputmode="numeric"
 				pattern="[0-9]+"
-				value="<?= Formatter::ToPlainText($artwork->CompletedYear) ?>"
+				value="<?= Formatter::EscapeHtml($artwork->CompletedYear) ?>"
 			/>
 		</label>
 		<label>
@@ -82,7 +82,7 @@ $now = new DateTime('now', new DateTimeZone('America/Juneau')); // Latest contin
 			name="artwork-tags"
 			required="required"
 			autocomplete="off"
-			value="<?= Formatter::ToPlainText($artwork->ImplodeTags()) ?>"
+			value="<?= Formatter::EscapeHtml($artwork->ImplodeTags()) ?>"
 		/>
 	</label>
 	<label>
@@ -107,7 +107,7 @@ $now = new DateTime('now', new DateTimeZone('America/Juneau')); // Latest contin
 				type="url"
 				name="artwork-museum-url"
 				autocomplete="off"
-				value="<?= Formatter::ToPlainText($artwork->MuseumUrl) ?>"
+				value="<?= Formatter::EscapeHtml($artwork->MuseumUrl) ?>"
 			/>
 		</label>
 	</fieldset>
@@ -129,7 +129,7 @@ $now = new DateTime('now', new DateTimeZone('America/Juneau')); // Latest contin
 				name="artwork-publication-year"
 				inputmode="numeric"
 				pattern="[0-9]+"
-				value="<?= Formatter::ToPlainText($artwork->PublicationYear) ?>"
+				value="<?= Formatter::EscapeHtml($artwork->PublicationYear) ?>"
 			/>
 		</label>
 		<label>
@@ -139,7 +139,7 @@ $now = new DateTime('now', new DateTimeZone('America/Juneau')); // Latest contin
 				type="url"
 				name="artwork-publication-year-page-url"
 				autocomplete="off"
-				value="<?= Formatter::ToPlainText($artwork->PublicationYearPageUrl) ?>"
+				value="<?= Formatter::EscapeHtml($artwork->PublicationYearPageUrl) ?>"
 			/>
 		</label>
 		<label>
@@ -149,7 +149,7 @@ $now = new DateTime('now', new DateTimeZone('America/Juneau')); // Latest contin
 				type="url"
 				name="artwork-copyright-page-url"
 				autocomplete="off"
-				value="<?= Formatter::ToPlainText($artwork->CopyrightPageUrl) ?>"
+				value="<?= Formatter::EscapeHtml($artwork->CopyrightPageUrl) ?>"
 			/>
 		</label>
 		<label>
@@ -159,7 +159,7 @@ $now = new DateTime('now', new DateTimeZone('America/Juneau')); // Latest contin
 				type="url"
 				name="artwork-artwork-page-url"
 				autocomplete="off"
-				value="<?= Formatter::ToPlainText($artwork->ArtworkPageUrl) ?>"
+				value="<?= Formatter::EscapeHtml($artwork->ArtworkPageUrl) ?>"
 			/>
 		</label>
 	</fieldset>
@@ -168,7 +168,7 @@ $now = new DateTime('now', new DateTimeZone('America/Juneau')); // Latest contin
 		<label>
 		<span>Public domain status exception reason</span>
 		<span>Markdown accepted.</span>
-		<textarea maxlength="1024" name="artwork-exception"><?= Formatter::ToPlainText($artwork->Exception) ?></textarea>
+		<textarea maxlength="1024" name="artwork-exception"><?= Formatter::EscapeHtml($artwork->Exception) ?></textarea>
 		</label>
 	</fieldset>
 </fieldset>
@@ -177,7 +177,7 @@ $now = new DateTime('now', new DateTimeZone('America/Juneau')); // Latest contin
 	<label>
 		<span>Special notes</span>
 		<span>Any notes to remember about this artwork. Markdown accepted.</span>
-		<textarea maxlength="1024" name="artwork-notes"><?= Formatter::ToPlainText($artwork->Notes) ?></textarea>
+		<textarea maxlength="1024" name="artwork-notes"><?= Formatter::EscapeHtml($artwork->Notes) ?></textarea>
 	</label>
 </fieldset>
 <? if($artwork->CanStatusBeChangedBy($GLOBALS['User'] ?? null) || $artwork->CanEbookWwwFilesysemPathBeChangedBy($GLOBALS['User'] ?? null)){ ?>
@@ -199,7 +199,7 @@ $now = new DateTime('now', new DateTimeZone('America/Juneau')); // Latest contin
 		<label>
 			<span>In use by</span>
 			<span>Ebook file system slug, like <code>c-s-lewis_poetry</code>. If not in use, leave this blank.</span>
-			<input type="text" name="artwork-ebook-www-filesystem-path" value="<?= Formatter::ToPlainText($artwork->EbookWwwFilesystemPath) ?>"/>
+			<input type="text" name="artwork-ebook-www-filesystem-path" value="<?= Formatter::EscapeHtml($artwork->EbookWwwFilesystemPath) ?>"/>
 		</label>
 	<? } ?>
 </fieldset>
diff --git a/templates/ArtworkStatus.php b/templates/ArtworkStatus.php
index 4b59ab0c..aefe22dc 100644
--- a/templates/ArtworkStatus.php
+++ b/templates/ArtworkStatus.php
@@ -5,5 +5,5 @@ $artwork = $artwork ?? null;
 <? if($artwork->Status == ArtworkStatus::Approved){ ?>Approved<? } ?>
 <? if($artwork->Status == ArtworkStatus::Declined){ ?>Declined<? } ?>
 <? if($artwork->Status == ArtworkStatus::Unverified){ ?>Unverified<? } ?>
-<? if($artwork->EbookWwwFilesystemPath !== null){ ?> — in use<? if($artwork->EbookWwwFilesystemPath !== null){ ?> by <? if($artwork->Ebook !== null && $artwork->Ebook->Url !== null){ ?><i><a href="<?= $artwork->Ebook->Url ?>"><?= Formatter::ToPlainText($artwork->Ebook->Title) ?></a></i><? }else{ ?><code><?= Formatter::ToPlainText($artwork->EbookWwwFilesystemPath) ?></code> (unreleased)<? } ?><? } ?><? } ?>
+<? if($artwork->EbookWwwFilesystemPath !== null){ ?> — in use<? if($artwork->EbookWwwFilesystemPath !== null){ ?> by <? if($artwork->Ebook !== null && $artwork->Ebook->Url !== null){ ?><i><a href="<?= $artwork->Ebook->Url ?>"><?= Formatter::EscapeHtml($artwork->Ebook->Title) ?></a></i><? }else{ ?><code><?= Formatter::EscapeHtml($artwork->EbookWwwFilesystemPath) ?></code> (unreleased)<? } ?><? } ?><? } ?>
 <? } ?>
diff --git a/templates/AtomFeed.php b/templates/AtomFeed.php
index ad5aed53..5d74252e 100644
--- a/templates/AtomFeed.php
+++ b/templates/AtomFeed.php
@@ -7,10 +7,10 @@ $subtitle = $subtitle ?? null;
 print("<?xml version=\"1.0\" encoding=\"utf-8\"?>\n");
 ?>
 <feed xmlns="http://www.w3.org/2005/Atom" xmlns:media="http://search.yahoo.com/mrss/">
-	<id><?= SITE_URL . Formatter::ToPlainXmlText($id) ?></id>
-	<link href="<?= SITE_URL . Formatter::ToPlainXmlText($url) ?>" rel="self" type="application/atom+xml"/>
-	<title><?= Formatter::ToPlainXmlText($title) ?></title>
-	<? if($subtitle !== null){ ?><subtitle><?= Formatter::ToPlainXmlText($subtitle) ?></subtitle><? } ?>
+	<id><?= SITE_URL . Formatter::EscapeXml($id) ?></id>
+	<link href="<?= SITE_URL . Formatter::EscapeXml($url) ?>" rel="self" type="application/atom+xml"/>
+	<title><?= Formatter::EscapeXml($title) ?></title>
+	<? if($subtitle !== null){ ?><subtitle><?= Formatter::EscapeXml($subtitle) ?></subtitle><? } ?>
 	<icon><?= SITE_URL ?>/images/logo.png</icon>
 	<updated><?= $updated->format('Y-m-d\TH:i:s\Z') ?></updated>
 	<author>
diff --git a/templates/AtomFeedEntry.php b/templates/AtomFeedEntry.php
index 969dfdbf..5c19b0bf 100644
--- a/templates/AtomFeedEntry.php
+++ b/templates/AtomFeedEntry.php
@@ -1,22 +1,22 @@
 <entry>
 	<id><?= SITE_URL . $entry->Url ?></id>
-	<title><?= Formatter::ToPlainXmlText($entry->Title) ?></title>
+	<title><?= Formatter::EscapeXml($entry->Title) ?></title>
 	<? foreach($entry->Authors as $author){ ?>
 		<author>
-			<name><?= Formatter::ToPlainXmlText($author->Name) ?></name>
-			<uri><?= SITE_URL . Formatter::ToPlainXmlText($entry->AuthorsUrl) ?></uri>
+			<name><?= Formatter::EscapeXml($author->Name) ?></name>
+			<uri><?= SITE_URL . Formatter::EscapeXml($entry->AuthorsUrl) ?></uri>
 		</author>
 	<? } ?>
 	<published><?= $entry->Created->format('Y-m-d\TH:i:s\Z') ?></published>
 	<updated><?= $entry->Updated->format('Y-m-d\TH:i:s\Z') ?></updated>
 	<rights>Public domain in the United States. Users located outside of the United States must check their local laws before using this ebook. Original content released to the public domain via the Creative Commons CC0 1.0 Universal Public Domain Dedication.</rights>
-	<summary type="text"><?= Formatter::ToPlainXmlText($entry->Description) ?></summary>
-	<content type="html"><?= Formatter::ToPlainXmlText($entry->LongDescription) ?></content>
+	<summary type="text"><?= Formatter::EscapeXml($entry->Description) ?></summary>
+	<content type="html"><?= Formatter::EscapeXml($entry->LongDescription) ?></content>
 	<? foreach($entry->LocTags as $subject){ ?>
-	<category scheme="http://purl.org/dc/terms/LCSH" term="<?= Formatter::ToPlainXmlText($subject) ?>"/>
+	<category scheme="http://purl.org/dc/terms/LCSH" term="<?= Formatter::EscapeXml($subject) ?>"/>
 	<? } ?>
 	<? foreach($entry->Tags as $subject){ ?>
-	<category scheme="https://standardebooks.org/vocab/subjects" term="<?= Formatter::ToPlainXmlText($subject->Name) ?>"/>
+	<category scheme="https://standardebooks.org/vocab/subjects" term="<?= Formatter::EscapeXml($subject->Name) ?>"/>
 	<? } ?>
 	<media:thumbnail url="<?= SITE_URL . $entry->Url ?>/downloads/cover-thumbnail.jpg" height="525" width="350"/>
 	<link href="<?= SITE_URL . $entry->Url ?>" rel="alternate" title="This ebook’s page at Standard Ebooks" type="application/xhtml+xml"/>
diff --git a/templates/BulkDownloadTable.php b/templates/BulkDownloadTable.php
index 5f172397..1d0aee64 100644
--- a/templates/BulkDownloadTable.php
+++ b/templates/BulkDownloadTable.php
@@ -11,13 +11,13 @@
 	<tbody>
 		<? foreach($collections as $collection){ ?>
 		<tr>
-			<td class="row-header"><a href="<?= $collection->Url ?>"><?= Formatter::ToPlainText($collection->Label) ?></a></td>
-			<td class="number"><?= Formatter::ToPlainText(number_format($collection->EbookCount)) ?></td>
-			<td class="number"><?= Formatter::ToPlainText($collection->UpdatedString) ?></td>
+			<td class="row-header"><a href="<?= $collection->Url ?>"><?= Formatter::EscapeHtml($collection->Label) ?></a></td>
+			<td class="number"><?= Formatter::EscapeHtml(number_format($collection->EbookCount)) ?></td>
+			<td class="number"><?= Formatter::EscapeHtml($collection->UpdatedString) ?></td>
 
 			<? foreach($collection->ZipFiles as $item){ ?>
 				<td class="download"><a href="<?= $item->Url ?>"><?= $item->Type ?></a></td>
-				<td>(<?= Formatter::ToPlainText($item->Size) ?>)</td>
+				<td>(<?= Formatter::EscapeHtml($item->Size) ?>)</td>
 			<? } ?>
 		</tr>
 		<? } ?>
diff --git a/templates/EbookGrid.php b/templates/EbookGrid.php
index 4fb22e8e..cbe4a0c3 100644
--- a/templates/EbookGrid.php
+++ b/templates/EbookGrid.php
@@ -9,7 +9,7 @@ $ebooks = $ebooks ?? [];
 ?>
 <ol class="ebooks-list<? if($view == VIEW_LIST){ ?>  list<? }else{ ?> grid<? } ?>"<? if($collection !== null){ ?> typeof="schema:BookSeries" about="<?= $collection->Url ?>"<? } ?>>
 <? if($collection !== null){ ?>
-	<meta property="schema:name" content="<?= Formatter::ToPlainText($collection->Name) ?>"/>
+	<meta property="schema:name" content="<?= Formatter::EscapeHtml($collection->Name) ?>"/>
 <? } ?>
 <? foreach($ebooks as $ebook){ ?>
 	<li typeof="schema:Book"<? if($collection !== null){ ?> resource="<?= $ebook->Url ?>" property="schema:hasPart"<? if($ebook->GetCollectionPosition($collection) !== null){ ?> value="<?= $ebook->GetCollectionPosition($collection) ?>"<? } ?><? }else{ ?> about="<?= $ebook->Url ?>"<? } ?>>
@@ -21,19 +21,19 @@ $ebooks = $ebooks ?? [];
 				<picture>
 					<? if($ebook->CoverImage2xAvifUrl !== null){ ?><source srcset="<?= $ebook->CoverImage2xAvifUrl ?> 2x, <?= $ebook->CoverImageAvifUrl ?> 1x" type="image/avif"/><? } ?>
 					<source srcset="<?= $ebook->CoverImage2xUrl ?> 2x, <?= $ebook->CoverImageUrl ?> 1x" type="image/jpg"/>
-					<img src="<?= $ebook->CoverImage2xUrl ?>" alt="The cover for the Standard Ebooks edition of <?= Formatter::ToPlainText(strip_tags($ebook->TitleWithCreditsHtml)) ?>" property="schema:image" height="335" width="224"/>
+					<img src="<?= $ebook->CoverImage2xUrl ?>" alt="The cover for the Standard Ebooks edition of <?= Formatter::EscapeHtml(strip_tags($ebook->TitleWithCreditsHtml)) ?>" property="schema:image" height="335" width="224"/>
 				</picture>
 			</a>
 		</div>
-		<p><a href="<?= $ebook->Url ?>" property="schema:url"><span property="schema:name"><?= Formatter::ToPlainText($ebook->Title) ?></span></a></p>
+		<p><a href="<?= $ebook->Url ?>" property="schema:url"><span property="schema:name"><?= Formatter::EscapeHtml($ebook->Title) ?></span></a></p>
 		<? if($view == VIEW_GRID){  ?>
 		<? foreach($ebook->Authors as $author){ ?>
-			<p class="author" typeof="schema:Person" property="schema:author" resource="<?= $ebook->AuthorsUrl ?>"><? if($author->Name != 'Anonymous'){ ?><a href="<?= Formatter::ToPlainText(SITE_URL . $ebook->AuthorsUrl) ?>" property="schema:url"><span property="schema:name"><?= Formatter::ToPlainText($author->Name) ?></span></a><? } ?></p>
+			<p class="author" typeof="schema:Person" property="schema:author" resource="<?= $ebook->AuthorsUrl ?>"><? if($author->Name != 'Anonymous'){ ?><a href="<?= Formatter::EscapeHtml(SITE_URL . $ebook->AuthorsUrl) ?>" property="schema:url"><span property="schema:name"><?= Formatter::EscapeHtml($author->Name) ?></span></a><? } ?></p>
 		<? } ?>
 		<? }else{ ?>
 			<div>
 			<? foreach($ebook->Authors as $author){ ?>
-				<p class="author"><? if($author->Name != 'Anonymous'){ ?><a href="<?= Formatter::ToPlainText($ebook->AuthorsUrl) ?>"><?= Formatter::ToPlainText($author->Name) ?></a><? } ?></p>
+				<p class="author"><? if($author->Name != 'Anonymous'){ ?><a href="<?= Formatter::EscapeHtml($ebook->AuthorsUrl) ?>"><?= Formatter::EscapeHtml($author->Name) ?></a><? } ?></p>
 			<? } ?>
 			</div>
 			<div class="details">
@@ -43,7 +43,7 @@ $ebooks = $ebooks ?? [];
 				</div>
 				<? } ?>
 				<p><?= number_format($ebook->WordCount) ?> words • <?= $ebook->ReadingEase ?> reading ease</p>
-				<ul class="tags"><? foreach($ebook->Tags as $tag){ ?><li><a href="<?= $tag->Url ?>"><?= Formatter::ToPlainText($tag->Name) ?></a></li><? } ?></ul>
+				<ul class="tags"><? foreach($ebook->Tags as $tag){ ?><li><a href="<?= $tag->Url ?>"><?= Formatter::EscapeHtml($tag->Name) ?></a></li><? } ?></ul>
 			</div>
 		<? } ?>
 	</li>
diff --git a/templates/EmailAdminNewPatron.php b/templates/EmailAdminNewPatron.php
index 8f534d2d..b760e61d 100644
--- a/templates/EmailAdminNewPatron.php
+++ b/templates/EmailAdminNewPatron.php
@@ -17,7 +17,7 @@
 		<tbody>
 			<tr>
 				<td>Name:</td>
-				<td><? if($patron->User->Name === null){ ?>Anonymous <? }else{ ?><?= Formatter::ToPlainText($patron->User->Name) ?><? if($patron->IsAnonymous){ ?> (Anonymous)<? } ?><? } ?></td>
+				<td><? if($patron->User->Name === null){ ?>Anonymous <? }else{ ?><?= Formatter::EscapeHtml($patron->User->Name) ?><? if($patron->IsAnonymous){ ?> (Anonymous)<? } ?><? } ?></td>
 			</tr>
 			<tr>
 				<td>Donation type:</td>
@@ -25,15 +25,15 @@
 			</tr>
 			<tr>
 				<td>Donation amount:</td>
-				<td><?= Formatter::ToPlainText(number_format($payment->Amount, 2)) ?></td>
+				<td><?= Formatter::EscapeHtml(number_format($payment->Amount, 2)) ?></td>
 			</tr>
 			<tr>
 				<td>Donation fee:</td>
-				<td><?= Formatter::ToPlainText(number_format($payment->Fee, 2)) ?></td>
+				<td><?= Formatter::EscapeHtml(number_format($payment->Fee, 2)) ?></td>
 			</tr>
 			<tr>
 				<td>Transaction ID:</td>
-				<td><a href="https://fundraising.fracturedatlas.org/admin/donations?query=<?= urlencode($payment->TransactionId) ?>"><?= Formatter::ToPlainText($payment->TransactionId) ?></a></td>
+				<td><a href="https://fundraising.fracturedatlas.org/admin/donations?query=<?= urlencode($payment->TransactionId) ?>"><?= Formatter::EscapeHtml($payment->TransactionId) ?></a></td>
 			</tr>
 		</tbody>
 	</table>
diff --git a/templates/EmailAdminNewPatronText.php b/templates/EmailAdminNewPatronText.php
index 5c73a45e..a1dfbb9f 100644
--- a/templates/EmailAdminNewPatronText.php
+++ b/templates/EmailAdminNewPatronText.php
@@ -1,9 +1,9 @@
-Name: <? if($patron->User->Name === null){ ?>Anonymous <? }else{ ?><?= Formatter::ToPlainText($patron->User->Name) ?><? if($patron->IsAnonymous){ ?> (Anonymous)<? } ?><? } ?>
+Name: <? if($patron->User->Name === null){ ?>Anonymous <? }else{ ?><?= Formatter::EscapeHtml($patron->User->Name) ?><? if($patron->IsAnonymous){ ?> (Anonymous)<? } ?><? } ?>
 
 Donation type: <? if($payment->IsRecurring){ ?>Recurring<? }else{ ?>One-time<? } ?>
 
-Donation amount: <?= Formatter::ToPlainText(number_format($payment->Amount, 2)) ?>
+Donation amount: <?= Formatter::EscapeHtml(number_format($payment->Amount, 2)) ?>
 
-Donation fee: <?= Formatter::ToPlainText(number_format($payment->Fee, 2)) ?>
+Donation fee: <?= Formatter::EscapeHtml(number_format($payment->Fee, 2)) ?>
 
-Transaction ID: <?= Formatter::ToPlainText($payment->TransactionId) ?>
+Transaction ID: <?= Formatter::EscapeHtml($payment->TransactionId) ?>
diff --git a/templates/EmailHeader.php b/templates/EmailHeader.php
index c274a8f1..9c1936b3 100644
--- a/templates/EmailHeader.php
+++ b/templates/EmailHeader.php
@@ -191,4 +191,4 @@ $letterhead = $letterhead ?? false;
 </head>
 <body>
 	<div class="body<? if($letterhead){ ?> letterhead<? } ?>">
-	<? if($preheader){ ?><p class="preheader"><?= Formatter::ToPlainText($preheader) ?><? for($i = 0; $i < 150 - strlen($preheader); $i++){ ?>&zwnj;&nbsp;<? } ?></p><? } ?>
+	<? if($preheader){ ?><p class="preheader"><?= Formatter::EscapeHtml($preheader) ?><? for($i = 0; $i < 150 - strlen($preheader); $i++){ ?>&zwnj;&nbsp;<? } ?></p><? } ?>
diff --git a/templates/Error.php b/templates/Error.php
index 97e52ee0..d42376bf 100644
--- a/templates/Error.php
+++ b/templates/Error.php
@@ -16,7 +16,7 @@ else{
 <ul class="message error">
 	<? foreach($exceptions as $ex){ ?>
 	<li>
-		<p><? $message = $ex->getMessage(); if($message == ''){ $message = 'An error occurred.'; } ?><?= str_replace('CAPTCHA', '<abbr class="acronym">CAPTCHA</abbr>', Formatter::ToPlainText($message)) ?></p>
+		<p><? $message = $ex->getMessage(); if($message == ''){ $message = 'An error occurred.'; } ?><?= str_replace('CAPTCHA', '<abbr class="acronym">CAPTCHA</abbr>', Formatter::EscapeHtml($message)) ?></p>
 	</li>
 	<? } ?>
 </ul>
diff --git a/templates/Header.php b/templates/Header.php
index 7a556e06..ef5f2d33 100644
--- a/templates/Header.php
+++ b/templates/Header.php
@@ -29,8 +29,8 @@ if(!$isXslt){
 <html xmlns="http://www.w3.org/1999/xhtml" lang="en-US">
 <head prefix="twitter: https://twitter.com/ schema: http://schema.org/"><? /* The `og` RDFa prefix is part of the RDFa spec */ ?>
 	<meta charset="utf-8"/>
-	<title><? if($title != ''){ ?><?= Formatter::ToPlainText($title) ?> - <? } ?>Standard Ebooks: Free and liberated ebooks, carefully produced for the true book lover.</title>
-	<? if($description != ''){ ?><meta content="<?= Formatter::ToPlainText($description) ?>" name="description"/><? } ?>
+	<title><? if($title != ''){ ?><?= Formatter::EscapeHtml($title) ?> - <? } ?>Standard Ebooks: Free and liberated ebooks, carefully produced for the true book lover.</title>
+	<? if($description != ''){ ?><meta content="<?= Formatter::EscapeHtml($description) ?>" name="description"/><? } ?>
 	<meta content="width=device-width, initial-scale=1" name="viewport"/>
 	<link rel="preload" as="font" href="/fonts/crimson-pro.woff2" type="font/woff2" crossorigin="anonymous"/> <? /* Fonts require the crossorigin attribute */ ?>
 	<link rel="preload" as="font" href="/fonts/league-spartan-bold.woff2" type="font/woff2" crossorigin="anonymous"/>
@@ -65,15 +65,15 @@ if(!$isXslt){
 	<link rel="alternate" type="application/atom+xml;profile=opds-catalog;kind=acquisition" title="Standard Ebooks - New Releases" href="https://standardebooks.org/feeds/opds/new-releases"/>
 	<link rel="alternate" type="application/rss+xml" title="Standard Ebooks - New Releases" href="https://standardebooks.org/feeds/rss/new-releases"/>
 	<? }else{ ?>
-	<link rel="alternate" type="application/atom+xml" title="<?= Formatter::ToPlainText($feedTitle) ?>" href="/feeds/atom<?= $feedUrl ?>"/>
-	<link rel="alternate" type="application/atom+xml;profile=opds-catalog;kind=acquisition" title="<?= Formatter::ToPlainText($feedTitle) ?>" href="/feeds/opds<?= $feedUrl ?>"/>
-	<link rel="alternate" type="application/rss+xml" title="<?= Formatter::ToPlainText($feedTitle) ?>" href="/feeds/rss<?= $feedUrl ?>"/>
+	<link rel="alternate" type="application/atom+xml" title="<?= Formatter::EscapeHtml($feedTitle) ?>" href="/feeds/atom<?= $feedUrl ?>"/>
+	<link rel="alternate" type="application/atom+xml;profile=opds-catalog;kind=acquisition" title="<?= Formatter::EscapeHtml($feedTitle) ?>" href="/feeds/opds<?= $feedUrl ?>"/>
+	<link rel="alternate" type="application/rss+xml" title="<?= Formatter::EscapeHtml($feedTitle) ?>" href="/feeds/rss<?= $feedUrl ?>"/>
 	<? } ?>
 	<link rel="search" href="/ebooks" type="application/xhtml+xml; charset=utf-8"/>
 	<link rel="search" href="/ebooks/opensearch" type="application/opensearchdescription+xml; charset=utf-8"/>
 	<? if(!$isErrorPage){ ?>
 	<meta content="#394451" name="theme-color"/>
-	<meta content="<? if($title != ''){ ?><?= Formatter::ToPlainText($title) ?><? }else{ ?>Standard Ebooks<? } ?>" property="og:title"/>
+	<meta content="<? if($title != ''){ ?><?= Formatter::EscapeHtml($title) ?><? }else{ ?>Standard Ebooks<? } ?>" property="og:title"/>
 	<meta content="<?= $ogType ?? 'website' ?>" property="og:type"/>
 	<meta content="<?= SITE_URL . str_replace(SITE_URL, '', ($_SERVER['ORIG_PATH_INFO'] ?? $_SERVER['SCRIPT_URI'] ?? '')) ?>" property="og:url"/>
 	<meta content="<?= SITE_URL . ($coverUrl ?? '/images/logo.png') ?>" property="og:image"/>
diff --git a/templates/OpdsAcquisitionEntry.php b/templates/OpdsAcquisitionEntry.php
index ea840318..ede690f4 100644
--- a/templates/OpdsAcquisitionEntry.php
+++ b/templates/OpdsAcquisitionEntry.php
@@ -1,29 +1,29 @@
 <entry>
 	<id><?= SITE_URL . $entry->Url ?></id>
-	<dc:identifier><?= Formatter::ToPlainXmlText($entry->Identifier) ?></dc:identifier>
-	<title><?= Formatter::ToPlainXmlText($entry->Title) ?></title>
+	<dc:identifier><?= Formatter::EscapeXml($entry->Identifier) ?></dc:identifier>
+	<title><?= Formatter::EscapeXml($entry->Title) ?></title>
 	<? foreach($entry->Authors as $author){ ?>
 		<author>
-			<name><?= Formatter::ToPlainXmlText($author->Name) ?></name>
-			<uri><?= SITE_URL . Formatter::ToPlainXmlText($entry->AuthorsUrl) ?></uri>
-			<? if($author->FullName !== null){ ?><schema:alternateName><?= Formatter::ToPlainXmlText($author->FullName) ?></schema:alternateName><? } ?>
-			<? if($author->WikipediaUrl !== null){ ?><schema:sameAs><?= Formatter::ToPlainXmlText($author->WikipediaUrl) ?></schema:sameAs><? } ?>
-			<? if($author->NacoafUrl !== null){ ?><schema:sameAs><?= Formatter::ToPlainXmlText($author->NacoafUrl) ?></schema:sameAs><? } ?>
+			<name><?= Formatter::EscapeXml($author->Name) ?></name>
+			<uri><?= SITE_URL . Formatter::EscapeXml($entry->AuthorsUrl) ?></uri>
+			<? if($author->FullName !== null){ ?><schema:alternateName><?= Formatter::EscapeXml($author->FullName) ?></schema:alternateName><? } ?>
+			<? if($author->WikipediaUrl !== null){ ?><schema:sameAs><?= Formatter::EscapeXml($author->WikipediaUrl) ?></schema:sameAs><? } ?>
+			<? if($author->NacoafUrl !== null){ ?><schema:sameAs><?= Formatter::EscapeXml($author->NacoafUrl) ?></schema:sameAs><? } ?>
 		</author>
 	<? } ?>
 	<published><?= $entry->Created->format('Y-m-d\TH:i:s\Z') ?></published>
 	<dc:issued><?= $entry->Created->format('Y-m-d\TH:i:s\Z') ?></dc:issued>
 	<updated><?= $entry->Updated->format('Y-m-d\TH:i:s\Z') ?></updated>
-	<dc:language><?= Formatter::ToPlainXmlText($entry->Language) ?></dc:language>
+	<dc:language><?= Formatter::EscapeXml($entry->Language) ?></dc:language>
 	<dc:publisher>Standard Ebooks</dc:publisher>
 	<rights>Public domain in the United States. Users located outside of the United States must check their local laws before using this ebook. Original content released to the public domain via the Creative Commons CC0 1.0 Universal Public Domain Dedication.</rights>
-	<summary type="text"><?= Formatter::ToPlainXmlText($entry->Description) ?></summary>
-	<content type="html"><?= Formatter::ToPlainXmlText($entry->LongDescription) ?></content>
+	<summary type="text"><?= Formatter::EscapeXml($entry->Description) ?></summary>
+	<content type="html"><?= Formatter::EscapeXml($entry->LongDescription) ?></content>
 	<? foreach($entry->LocTags as $subject){ ?>
-	<category scheme="http://purl.org/dc/terms/LCSH" term="<?= Formatter::ToPlainXmlText($subject) ?>"/>
+	<category scheme="http://purl.org/dc/terms/LCSH" term="<?= Formatter::EscapeXml($subject) ?>"/>
 	<? } ?>
 	<? foreach($entry->Tags as $subject){ ?>
-	<category scheme="https://standardebooks.org/vocab/subjects" term="<?= Formatter::ToPlainXmlText($subject->Name) ?>"/>
+	<category scheme="https://standardebooks.org/vocab/subjects" term="<?= Formatter::EscapeXml($subject->Name) ?>"/>
 	<? } ?>
 	<link href="<?= SITE_URL . $entry->Url ?>/downloads/cover.jpg" rel="http://opds-spec.org/image" type="image/jpeg"/>
 	<link href="<?= SITE_URL . $entry->Url ?>/downloads/cover-thumbnail.jpg" rel="http://opds-spec.org/image/thumbnail" type="image/jpeg"/>
diff --git a/templates/OpdsAcquisitionFeed.php b/templates/OpdsAcquisitionFeed.php
index b51d8a3b..c2225c6a 100644
--- a/templates/OpdsAcquisitionFeed.php
+++ b/templates/OpdsAcquisitionFeed.php
@@ -17,14 +17,14 @@ $subtitle = $subtitle ?? null;
 print("<?xml version=\"1.0\" encoding=\"utf-8\"?>\n");
 ?>
 <feed xmlns="http://www.w3.org/2005/Atom" xmlns:dc="http://purl.org/dc/terms/" xmlns:schema="http://schema.org/"<? if($isCrawlable){ ?> xmlns:fh="http://purl.org/syndication/history/1.0"<? } ?>>
-	<id><?= SITE_URL . Formatter::ToPlainXmlText($id) ?></id>
-	<link href="<?= SITE_URL . Formatter::ToPlainXmlText($url) ?>" rel="self" type="application/atom+xml;profile=opds-catalog;kind=acquisition; charset=utf-8"/>
+	<id><?= SITE_URL . Formatter::EscapeXml($id) ?></id>
+	<link href="<?= SITE_URL . Formatter::EscapeXml($url) ?>" rel="self" type="application/atom+xml;profile=opds-catalog;kind=acquisition; charset=utf-8"/>
 	<link href="<?= SITE_URL ?>/feeds/opds" rel="start" type="application/atom+xml;profile=opds-catalog;kind=navigation; charset=utf-8"/>
-	<link href="<?= SITE_URL ?><?= Formatter::ToPlainXmlText($parentUrl) ?>" rel="up" type="application/atom+xml;profile=opds-catalog;kind=navigation; charset=utf-8"/>
+	<link href="<?= SITE_URL ?><?= Formatter::EscapeXml($parentUrl) ?>" rel="up" type="application/atom+xml;profile=opds-catalog;kind=navigation; charset=utf-8"/>
 	<link href="<?= SITE_URL ?>/feeds/opds/all" rel="http://opds-spec.org/crawlable" type="application/atom+xml;profile=opds-catalog;kind=acquisition; charset=utf-8"/>
 	<link href="<?= SITE_URL ?>/ebooks/opensearch" rel="search" type="application/opensearchdescription+xml; charset=utf-8"/>
-	<title><?= Formatter::ToPlainXmlText($title) ?></title>
-	<? if($subtitle !== null){ ?><subtitle><?= Formatter::ToPlainXmlText($subtitle) ?></subtitle><? } ?>
+	<title><?= Formatter::EscapeXml($title) ?></title>
+	<? if($subtitle !== null){ ?><subtitle><?= Formatter::EscapeXml($subtitle) ?></subtitle><? } ?>
 	<icon><?= SITE_URL ?>/images/logo.png</icon>
 	<updated><?= $updated->format('Y-m-d\TH:i:s\Z') ?></updated>
 	<? if($isCrawlable){ ?><fh:complete/><? } ?>
diff --git a/templates/OpdsNavigationFeed.php b/templates/OpdsNavigationFeed.php
index 9ac7fa37..0a4f4aa0 100644
--- a/templates/OpdsNavigationFeed.php
+++ b/templates/OpdsNavigationFeed.php
@@ -8,14 +8,14 @@ $subtitle = $subtitle ?? null;
 print("<?xml version=\"1.0\" encoding=\"utf-8\"?>\n");
 ?>
 <feed xmlns="http://www.w3.org/2005/Atom" xmlns:dc="http://purl.org/dc/terms/">
-	<id><?= SITE_URL . Formatter::ToPlainXmlText($id) ?></id>
-	<link href="<?= SITE_URL . Formatter::ToPlainXmlText($url) ?>" rel="self" type="application/atom+xml;profile=opds-catalog;kind=navigation; charset=utf-8"/>
+	<id><?= SITE_URL . Formatter::EscapeXml($id) ?></id>
+	<link href="<?= SITE_URL . Formatter::EscapeXml($url) ?>" rel="self" type="application/atom+xml;profile=opds-catalog;kind=navigation; charset=utf-8"/>
 	<link href="<?= SITE_URL ?>/feeds/opds" rel="start" type="application/atom+xml;profile=opds-catalog;kind=navigation; charset=utf-8"/>
 	<link href="<?= SITE_URL ?>/feeds/opds/all" rel="http://opds-spec.org/crawlable" type="application/atom+xml;profile=opds-catalog;kind=acquisition; charset=utf-8"/>
 	<link href="<?= SITE_URL ?>/ebooks/opensearch" rel="search" type="application/opensearchdescription+xml; charset=utf-8"/>
-	<? if($parentUrl !== null){ ?><link href="<?= SITE_URL ?><?= Formatter::ToPlainXmlText($parentUrl) ?>" rel="up" type="application/atom+xml;profile=opds-catalog;kind=navigation; charset=utf-8"/><? } ?>
-	<title><?= Formatter::ToPlainXmlText($title) ?></title>
-	<? if($subtitle !== null){ ?><subtitle><?= Formatter::ToPlainXmlText($subtitle) ?></subtitle><? } ?>
+	<? if($parentUrl !== null){ ?><link href="<?= SITE_URL ?><?= Formatter::EscapeXml($parentUrl) ?>" rel="up" type="application/atom+xml;profile=opds-catalog;kind=navigation; charset=utf-8"/><? } ?>
+	<title><?= Formatter::EscapeXml($title) ?></title>
+	<? if($subtitle !== null){ ?><subtitle><?= Formatter::EscapeXml($subtitle) ?></subtitle><? } ?>
 	<icon><?= SITE_URL ?>/images/logo.png</icon>
 	<updated><?= $updated->format('Y-m-d\TH:i:s\Z') ?></updated>
 	<author>
@@ -24,11 +24,11 @@ print("<?xml version=\"1.0\" encoding=\"utf-8\"?>\n");
 	</author>
 	<? foreach($entries as $entry){ ?>
 		<entry>
-			<title><?= Formatter::ToPlainXmlText($entry->Title) ?></title>
-			<link href="<?= SITE_URL . Formatter::ToPlainXmlText($entry->Url) ?>" rel="<?= Formatter::ToPlainXmlText($entry->Rel) ?>" type="application/atom+xml;profile=opds-catalog;kind=<?= $entry->Type ?>; charset=utf-8"/>
+			<title><?= Formatter::EscapeXml($entry->Title) ?></title>
+			<link href="<?= SITE_URL . Formatter::EscapeXml($entry->Url) ?>" rel="<?= Formatter::EscapeXml($entry->Rel) ?>" type="application/atom+xml;profile=opds-catalog;kind=<?= $entry->Type ?>; charset=utf-8"/>
 			<updated><? if($entry->Updated !== null){ ?><?= $entry->Updated->format('Y-m-d\TH:i:s\Z') ?><? } ?></updated>
-			<id><?= Formatter::ToPlainXmlText($entry->Id) ?></id>
-			<content type="text"><?= Formatter::ToPlainXmlText($entry->Description) ?></content>
+			<id><?= Formatter::EscapeXml($entry->Id) ?></id>
+			<content type="text"><?= Formatter::EscapeXml($entry->Description) ?></content>
 		</entry>
 	<? } ?>
 </feed>
diff --git a/templates/RssEntry.php b/templates/RssEntry.php
index d47f9a6f..f6342973 100644
--- a/templates/RssEntry.php
+++ b/templates/RssEntry.php
@@ -1,14 +1,14 @@
 <item>
-	<title><?= Formatter::ToPlainXmlText($entry->Title) ?>, by <?= Formatter::ToPlainXmlText(strip_tags($entry->AuthorsHtml)) ?></title>
-	<link><?= SITE_URL . Formatter::ToPlainXmlText($entry->Url) ?></link>
-	<description><?= Formatter::ToPlainXmlText($entry->Description) ?></description>
+	<title><?= Formatter::EscapeXml($entry->Title) ?>, by <?= Formatter::EscapeXml(strip_tags($entry->AuthorsHtml)) ?></title>
+	<link><?= SITE_URL . Formatter::EscapeXml($entry->Url) ?></link>
+	<description><?= Formatter::EscapeXml($entry->Description) ?></description>
 	<pubDate><?= $entry->Created->format('r') ?></pubDate>
-	<guid><?= Formatter::ToPlainXmlText(preg_replace('/^url:/ius', '', $entry->Identifier)) ?></guid>
+	<guid><?= Formatter::EscapeXml(preg_replace('/^url:/ius', '', $entry->Identifier)) ?></guid>
 	<? foreach($entry->Tags as $tag){ ?>
-	<category domain="https://standardebooks.org/vocab/subjects"><?= Formatter::ToPlainXmlText($tag->Name) ?></category>
+	<category domain="https://standardebooks.org/vocab/subjects"><?= Formatter::EscapeXml($tag->Name) ?></category>
 	<? } ?>
 	<media:thumbnail url="<?= SITE_URL . $entry->Url ?>/downloads/cover-thumbnail.jpg" height="525" width="350"/>
 	<? if($entry->EpubUrl !== null){ ?>
-	<enclosure url="<?= SITE_URL . Formatter::ToPlainXmlText($entry->EpubUrl)  ?>" length="<?= filesize(WEB_ROOT . $entry->EpubUrl) ?>" type="application/epub+zip" />  <? /* Only one <enclosure> is allowed */ ?>
+	<enclosure url="<?= SITE_URL . Formatter::EscapeXml($entry->EpubUrl)  ?>" length="<?= filesize(WEB_ROOT . $entry->EpubUrl) ?>" type="application/epub+zip" />  <? /* Only one <enclosure> is allowed */ ?>
 	<? } ?>
 </item>
diff --git a/templates/RssFeed.php b/templates/RssFeed.php
index b17d3e13..d4021aba 100644
--- a/templates/RssFeed.php
+++ b/templates/RssFeed.php
@@ -7,18 +7,18 @@ use Safe\DateTime;
 print("<?xml version=\"1.0\" encoding=\"utf-8\"?>\n");
 ?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:media="http://search.yahoo.com/mrss/">
 	<channel>
-		<title><?= Formatter::ToPlainXmlText($title) ?></title>
+		<title><?= Formatter::EscapeXml($title) ?></title>
 		<link><?= SITE_URL ?></link>
-		<description><?= Formatter::ToPlainXmlText($description) ?></description>
+		<description><?= Formatter::EscapeXml($description) ?></description>
 		<language>en-US</language>
 		<copyright>https://creativecommons.org/publicdomain/zero/1.0/</copyright>
 		<lastBuildDate><?= $updated ?></lastBuildDate>
 		<docs>http://blogs.law.harvard.edu/tech/rss</docs>
-		<atom:link href="<?= SITE_URL . Formatter::ToPlainXmlText($url) ?>" rel="self" type="application/rss+xml"/>
+		<atom:link href="<?= SITE_URL . Formatter::EscapeXml($url) ?>" rel="self" type="application/rss+xml"/>
 		<atom:link href="<?= SITE_URL ?>/ebooks/opensearch" rel="search" type="application/opensearchdescription+xml" />
 		<image>
 			<url><?= SITE_URL ?>/images/logo-rss.png</url>
-			<title><?= Formatter::ToPlainXmlText($title) ?></title> <? /* must be identical to channel title */ ?>
+			<title><?= Formatter::EscapeXml($title) ?></title> <? /* must be identical to channel title */ ?>
 			<description>The Standard Ebooks logo</description>
 			<link><?= SITE_URL ?></link>
 			<height>144</height>
diff --git a/templates/SearchForm.php b/templates/SearchForm.php
index fa90d9cd..17ff29de 100644
--- a/templates/SearchForm.php
+++ b/templates/SearchForm.php
@@ -6,12 +6,12 @@ $allSelected = sizeof($tags) == 0 || in_array('all', $tags);
 		<select <? if(!Template::IsEreaderBrowser()){ ?> multiple="multiple"<? } ?> name="tags[]" size="1">
 			<option value="all">All</option>
 		<? foreach(Library::GetTags() as $tag){ ?>
-			<option value="<?= $tag->UrlName ?>"<? if(!$allSelected && in_array($tag->UrlName, $tags)){ ?> selected="selected"<? } ?>><?= Formatter::ToPlainText($tag->Name) ?></option>
+			<option value="<?= $tag->UrlName ?>"<? if(!$allSelected && in_array($tag->UrlName, $tags)){ ?> selected="selected"<? } ?>><?= Formatter::EscapeHtml($tag->Name) ?></option>
 		<? } ?>
 		</select>
 	</label>
 	<label class="search">Keywords
-		<input type="search" name="query" value="<?= Formatter::ToPlainText($query ?? '') ?>"/>
+		<input type="search" name="query" value="<?= Formatter::EscapeHtml($query ?? '') ?>"/>
 	</label>
 	<label class="select sort">
 		<span>Sort</span>
diff --git a/www/about/index.php b/www/about/index.php
index fb7e211c..d640c750 100644
--- a/www/about/index.php
+++ b/www/about/index.php
@@ -170,7 +170,7 @@ $anonymousPatronCount = Db::QueryInt('
 				<ol class="donors patrons">
 					<? foreach($patronsCircle as $patron){ ?>
 						<li>
-							<p><?= Formatter::ToPlainText(str_ireplace(['\'', ' and '], ['’', ' & '], $patron->SortedName)) ?></p>
+							<p><?= Formatter::EscapeHtml(str_ireplace(['\'', ' and '], ['’', ' & '], $patron->SortedName)) ?></p>
 						</li>
 					<? } ?>
 					<? if($anonymousPatronCount > 0){ ?>
diff --git a/www/artworks/get.php b/www/artworks/get.php
index 6b67a811..427030b1 100644
--- a/www/artworks/get.php
+++ b/www/artworks/get.php
@@ -48,7 +48,7 @@ catch(Exceptions\InvalidPermissionsException){
 ?><?= Template::Header(['title' => $artwork->Name, 'artwork' => true]) ?>
 <main class="artworks">
 	<section class="narrow">
-		<h1><?= Formatter::ToPlainText($artwork->Name) ?></h1>
+		<h1><?= Formatter::EscapeHtml($artwork->Name) ?></h1>
 
 		<?= Template::Error(['exception' => $exception]) ?>
 
@@ -69,12 +69,12 @@ catch(Exceptions\InvalidPermissionsException){
 		<table class="artwork-metadata">
 			<tr>
 				<td>Title</td>
-				<td><i><?= Formatter::ToPlainText($artwork->Name) ?></i></td>
+				<td><i><?= Formatter::EscapeHtml($artwork->Name) ?></i></td>
 			</tr>
 			<tr>
 				<td>Artist</td>
 				<td>
-					<?= Formatter::ToPlainText($artwork->Artist->Name) ?><? if(sizeof($artwork->Artist->AlternateSpellings) > 0){ ?> (A.K.A. <span class="author" typeof="schema:Person" property="schema:name"><?= implode('</span>, <span class="author" typeof="schema:Person" property="schema:name">', array_map('Formatter::ToPlainText', $artwork->Artist->AlternateSpellings)) ?></span>)<? } ?><? if($artwork->Artist->DeathYear !== null){ ?> (<abbr>d.</abbr> <?= $artwork->Artist->DeathYear ?>)<? } ?>
+					<?= Formatter::EscapeHtml($artwork->Artist->Name) ?><? if(sizeof($artwork->Artist->AlternateSpellings) > 0){ ?> (A.K.A. <span class="author" typeof="schema:Person" property="schema:name"><?= implode('</span>, <span class="author" typeof="schema:Person" property="schema:name">', array_map('Formatter::EscapeHtml', $artwork->Artist->AlternateSpellings)) ?></span>)<? } ?><? if($artwork->Artist->DeathYear !== null){ ?> (<abbr>d.</abbr> <?= $artwork->Artist->DeathYear ?>)<? } ?>
 				</td>
 			</tr>
 			<tr>
@@ -83,7 +83,7 @@ catch(Exceptions\InvalidPermissionsException){
 			</tr>
 			<tr>
 				<td>Tags</td>
-				<td><ul class="tags"><? foreach($artwork->Tags as $tag){ ?><li><a href="<?= $tag->Url ?>"><?= Formatter::ToPlainText($tag->Name) ?></a></li><? } ?></ul></td>
+				<td><ul class="tags"><? foreach($artwork->Tags as $tag){ ?><li><a href="<?= $tag->Url ?>"><?= Formatter::EscapeHtml($tag->Name) ?></a></li><? } ?></ul></td>
 			</tr>
 			<tr>
 				<td>Dimensions</td>
@@ -96,12 +96,12 @@ catch(Exceptions\InvalidPermissionsException){
 			<? if($isAdminView){ ?>
 				<tr>
 					<td>Submitted by</td>
-					<td><? if($artwork->Submitter === null){ ?>Anonymous<? }else{ ?><a href="mailto:<?= Formatter::ToPlainText($artwork->Submitter->Email) ?>"><? if($artwork->Submitter->Name !== null){ ?> <?= Formatter::ToPlainText($artwork->Submitter->Name) ?><? }else{ ?><?= Formatter::ToPlainText($artwork->Submitter->Email) ?><? } ?></a><? } ?></td>
+					<td><? if($artwork->Submitter === null){ ?>Anonymous<? }else{ ?><a href="mailto:<?= Formatter::EscapeHtml($artwork->Submitter->Email) ?>"><? if($artwork->Submitter->Name !== null){ ?> <?= Formatter::EscapeHtml($artwork->Submitter->Name) ?><? }else{ ?><?= Formatter::EscapeHtml($artwork->Submitter->Email) ?><? } ?></a><? } ?></td>
 				</tr>
 				<? if($artwork->Reviewer !== null){ ?>
 					<tr>
 						<td>Reviewed by</td>
-						<td><a href="mailto:<?= Formatter::ToPlainText($artwork->Reviewer->Email) ?>"><? if($artwork->Reviewer->Name !== null){ ?> <?= Formatter::ToPlainText($artwork->Reviewer->Name) ?><? }else{ ?><?= Formatter::ToPlainText($artwork->Reviewer->Email) ?><? } ?></a></td>
+						<td><a href="mailto:<?= Formatter::EscapeHtml($artwork->Reviewer->Email) ?>"><? if($artwork->Reviewer->Name !== null){ ?> <?= Formatter::EscapeHtml($artwork->Reviewer->Name) ?><? }else{ ?><?= Formatter::EscapeHtml($artwork->Reviewer->Email) ?><? } ?></a></td>
 					</tr>
 				<? } ?>
 			<? } ?>
@@ -110,10 +110,10 @@ catch(Exceptions\InvalidPermissionsException){
 		<h2>U.S. public domain proof</h2>
 		<? if($artwork->MuseumUrl !== null){ ?>
 			<h3>Museum page</h3>
-			<p><a href="<?= Formatter::ToPlainText($artwork->MuseumUrl) ?>"><?= Formatter::ToPlainText($artwork->MuseumUrl) ?></a></p>
+			<p><a href="<?= Formatter::EscapeHtml($artwork->MuseumUrl) ?>"><?= Formatter::EscapeHtml($artwork->MuseumUrl) ?></a></p>
 			<? if($artwork->Museum !== null){ ?>
 				<figure class="corrected full">
-					<p>Approved museum: <?= Formatter::ToPlainText($artwork->Museum->Name) ?> <code>(<?= Formatter::ToPlainText($artwork->Museum->Domain) ?>)</code></p>
+					<p>Approved museum: <?= Formatter::EscapeHtml($artwork->Museum->Name) ?> <code>(<?= Formatter::EscapeHtml($artwork->Museum->Domain) ?>)</code></p>
 				</figure>
 			<? }else{ ?>
 				<figure class="wrong full">
@@ -126,9 +126,9 @@ catch(Exceptions\InvalidPermissionsException){
 			<h3>Page scans</h3>
 			<ul>
 				<li>Year book was published: <? if($artwork->PublicationYear !== null){ ?><?= $artwork->PublicationYear ?><? }else{ ?><i>Not provided</i><? } ?></li>
-				<li>Page scan of book publication year: <? if($artwork->PublicationYearPageUrl !== null){ ?><a href="<?= Formatter::ToPlainText($artwork->PublicationYearPageUrl) ?>">Link</a><? }else{ ?><i>Not provided</i><? } ?></li>
-				<li>Page scan of rights statement: <? if($artwork->CopyrightPageUrl !== null){ ?><a href="<?= Formatter::ToPlainText($artwork->CopyrightPageUrl) ?>">Link</a><? }else{ ?><i>Not provided</i><? } ?></li>
-				<li>Page scan of artwork: <? if($artwork->ArtworkPageUrl !== null){ ?><a href="<?= Formatter::ToPlainText($artwork->ArtworkPageUrl) ?>">Link</a><? }else{ ?><i>Not provided</i><? } ?></li>
+				<li>Page scan of book publication year: <? if($artwork->PublicationYearPageUrl !== null){ ?><a href="<?= Formatter::EscapeHtml($artwork->PublicationYearPageUrl) ?>">Link</a><? }else{ ?><i>Not provided</i><? } ?></li>
+				<li>Page scan of rights statement: <? if($artwork->CopyrightPageUrl !== null){ ?><a href="<?= Formatter::EscapeHtml($artwork->CopyrightPageUrl) ?>">Link</a><? }else{ ?><i>Not provided</i><? } ?></li>
+				<li>Page scan of artwork: <? if($artwork->ArtworkPageUrl !== null){ ?><a href="<?= Formatter::EscapeHtml($artwork->ArtworkPageUrl) ?>">Link</a><? }else{ ?><i>Not provided</i><? } ?></li>
 			</ul>
 		<? } ?>
 
@@ -144,7 +144,7 @@ catch(Exceptions\InvalidPermissionsException){
 
 		<? if($artwork->CanBeEditedBy($GLOBALS['User'] ?? null)){ ?>
 			<h2>Edit artwork</h2>
-			<p>Before approval, the editor and submitter may <a href="<?= $artwork->EditUrl ?>">edit <i><?= Formatter::ToPlainText($artwork->Name) ?></i></a>.</p>
+			<p>Before approval, the editor and submitter may <a href="<?= $artwork->EditUrl ?>">edit <i><?= Formatter::EscapeHtml($artwork->Name) ?></i></a>.</p>
 		<? } ?>
 
 		<? if($artwork->CanStatusBeChangedBy($GLOBALS['User'] ?? null) || $artwork->CanEbookWwwFilesysemPathBeChangedBy($GLOBALS['User'] ?? null)){ ?>
@@ -169,16 +169,16 @@ catch(Exceptions\InvalidPermissionsException){
 						</span>
 					</label>
 				<? }else{ ?>
-					<input type="hidden" name="artwork-status" value="<?= Formatter::ToPlainText($artwork->Status->value ?? '') ?>" />
+					<input type="hidden" name="artwork-status" value="<?= Formatter::EscapeHtml($artwork->Status->value ?? '') ?>" />
 				<? } ?>
 				<? if($artwork->CanEbookWwwFilesysemPathBeChangedBy($GLOBALS['User'] ?? null)){ ?>
 					<label>
 						<span>In use by</span>
 						<span>Ebook file system slug, like <code>c-s-lewis_poetry</code>. If not in use, leave this blank.</span>
-						<input type="text" name="artwork-ebook-www-filesystem-path" value="<?= Formatter::ToPlainText($artwork->EbookWwwFilesystemPath) ?>"/>
+						<input type="text" name="artwork-ebook-www-filesystem-path" value="<?= Formatter::EscapeHtml($artwork->EbookWwwFilesystemPath) ?>"/>
 					</label>
 				<? }else{ ?>
-					<input type="hidden" name="artwork-ebook-www-filesystem-path" value="<?= Formatter::ToPlainText($artwork->EbookWwwFilesystemPath) ?>" />
+					<input type="hidden" name="artwork-ebook-www-filesystem-path" value="<?= Formatter::EscapeHtml($artwork->EbookWwwFilesystemPath) ?>" />
 				<? } ?>
 				<div class="footer">
 					<button>Save changes</button>
diff --git a/www/artworks/index.php b/www/artworks/index.php
index 70ca308a..570b6172 100644
--- a/www/artworks/index.php
+++ b/www/artworks/index.php
@@ -113,7 +113,7 @@ if($perPage !== ARTWORK_PER_PAGE){
 				</span>
 			</label>
 			<label class="search">Keywords
-				<input type="search" name="query" value="<?= Formatter::ToPlainText($query) ?>"/>
+				<input type="search" name="query" value="<?= Formatter::EscapeHtml($query) ?>"/>
 			</label>
 			<label class="sort">
 				<span>Sort</span>
diff --git a/www/bulk-downloads/collection.php b/www/bulk-downloads/collection.php
index d2f8d73c..90a38a4b 100644
--- a/www/bulk-downloads/collection.php
+++ b/www/bulk-downloads/collection.php
@@ -38,10 +38,10 @@ $title = preg_replace('/s$/', '', ucfirst($class));
 				<caption aria-hidden="hidden">Scroll right →</caption>
 				<tbody>
 			<? foreach($collection as $year => $months){
-				$yearHeader = Formatter::ToPlainText($year);
+				$yearHeader = Formatter::EscapeHtml($year);
 			 ?>
 				<tr class="year-header">
-					<th colspan="13" scope="colgroup" id="<?= $yearHeader ?>"><?= Formatter::ToPlainText((string)$year) ?></th>
+					<th colspan="13" scope="colgroup" id="<?= $yearHeader ?>"><?= Formatter::EscapeHtml((string)$year) ?></th>
 				</tr>
 				<tr class="mid-header">
 					<th id="<?= $yearHeader?>-type" scope="col">Month</th>
@@ -51,16 +51,16 @@ $title = preg_replace('/s$/', '', ucfirst($class));
 				</tr>
 
 				<? foreach($months as $month => $collection){
-					$monthHeader = Formatter::ToPlainText($month);
+					$monthHeader = Formatter::EscapeHtml($month);
 				?>
 				<tr>
-					<th class="row-header" headers="<?= $yearHeader ?> <?= $monthHeader ?> <?= $yearHeader ?>-type" id="<?= $monthHeader ?>"><?= Formatter::ToPlainText($month) ?></th>
-					<td class="number" headers="<?= $yearHeader ?> <?= $monthHeader ?> <?= $yearHeader ?>-ebooks"><?= Formatter::ToPlainText(number_format($collection->EbookCount)) ?></td>
-					<td class="number" headers="<?= $yearHeader ?> <?= $monthHeader ?> <?= $yearHeader ?>-updated"><?= Formatter::ToPlainText($collection->UpdatedString) ?></td>
+					<th class="row-header" headers="<?= $yearHeader ?> <?= $monthHeader ?> <?= $yearHeader ?>-type" id="<?= $monthHeader ?>"><?= Formatter::EscapeHtml($month) ?></th>
+					<td class="number" headers="<?= $yearHeader ?> <?= $monthHeader ?> <?= $yearHeader ?>-ebooks"><?= Formatter::EscapeHtml(number_format($collection->EbookCount)) ?></td>
+					<td class="number" headers="<?= $yearHeader ?> <?= $monthHeader ?> <?= $yearHeader ?>-updated"><?= Formatter::EscapeHtml($collection->UpdatedString) ?></td>
 
 					<? foreach($collection->ZipFiles as $item){ ?>
 						<td headers="<?= $yearHeader ?> <?= $monthHeader ?> <?= $yearHeader ?>-download" class="download"><a href="<?= $item->Url ?>"><?= $item->Type ?></a></td>
-						<td headers="<?= $yearHeader ?> <?= $monthHeader ?> <?= $yearHeader ?>-download">(<?= Formatter::ToPlainText($item->Size) ?>)</td>
+						<td headers="<?= $yearHeader ?> <?= $monthHeader ?> <?= $yearHeader ?>-download">(<?= Formatter::EscapeHtml($item->Size) ?>)</td>
 					<? } ?>
 				</tr>
 				<? } ?>
diff --git a/www/collections/index.php b/www/collections/index.php
index 0be79123..f963e9ef 100644
--- a/www/collections/index.php
+++ b/www/collections/index.php
@@ -13,7 +13,7 @@ $collections = Library::GetEbookCollections();
 		<ul>
 			<? foreach($collections as $collection){ ?>
 			<li>
-				<p><a href="<?= $collection->Url ?>"><?= Formatter::ToPlainText($collection->Name) ?></a></p>
+				<p><a href="<?= $collection->Url ?>"><?= Formatter::EscapeHtml($collection->Name) ?></a></p>
 			</li>
 			<? } ?>
 		</ul>
diff --git a/www/ebooks/author.php b/www/ebooks/author.php
index 448d0f9f..905dc718 100644
--- a/www/ebooks/author.php
+++ b/www/ebooks/author.php
@@ -19,7 +19,7 @@ try{
 	}
 
 	$author =  strip_tags($ebooks[0]->AuthorsHtml);
-	$authorUrl = Formatter::ToPlainText($ebooks[0]->AuthorsUrl);
+	$authorUrl = Formatter::EscapeHtml($ebooks[0]->AuthorsUrl);
 }
 catch(Exceptions\InvalidAuthorException){
 	Template::Emit404();
diff --git a/www/ebooks/ebook.php b/www/ebooks/ebook.php
index 6f347706..f7c5a9e9 100644
--- a/www/ebooks/ebook.php
+++ b/www/ebooks/ebook.php
@@ -110,24 +110,24 @@ catch(Exceptions\InvalidEbookException){
 ?><?= Template::Header(['title' => strip_tags($ebook->TitleWithCreditsHtml) . ' - Free ebook download', 'ogType' => 'book', 'coverUrl' => $ebook->DistCoverUrl, 'highlight' => 'ebooks', 'description' => 'Free epub ebook download of the Standard Ebooks edition of ' . $ebook->Title . ': ' . $ebook->Description]) ?>
 <main>
 	<article class="ebook" typeof="schema:Book" about="<?= $ebook->Url ?>">
-		<meta property="schema:description" content="<?= Formatter::ToPlainText($ebook->Description) ?>"/>
-		<meta property="schema:url" content="<?= SITE_URL . Formatter::ToPlainText($ebook->Url) ?>"/>
+		<meta property="schema:description" content="<?= Formatter::EscapeHtml($ebook->Description) ?>"/>
+		<meta property="schema:url" content="<?= SITE_URL . Formatter::EscapeHtml($ebook->Url) ?>"/>
 		<? if($ebook->WikipediaUrl){ ?>
-		<meta property="schema:sameAs" content="<?= Formatter::ToPlainText($ebook->WikipediaUrl) ?>"/>
+		<meta property="schema:sameAs" content="<?= Formatter::EscapeHtml($ebook->WikipediaUrl) ?>"/>
 		<? } ?>
 		<header>
 			<hgroup>
-				<h1 property="schema:name"><?= Formatter::ToPlainText($ebook->Title) ?></h1>
+				<h1 property="schema:name"><?= Formatter::EscapeHtml($ebook->Title) ?></h1>
 				<? foreach($ebook->Authors as $author){ ?>
 					<? /* We include the `resource` attr here because we can have multiple authors, and in that case their href URLs will link to their combined corpus.
 						For example, William Wordsworth & Samuel Coleridge will both link to /ebooks/william-wordsworth_samuel-taylor-coleridge
 						But, each author is an individual, so we have to differentiate them in RDFa with `resource` */ ?>
 					<? if($author->Name != 'Anonymous'){ ?>
-					<h2><a property="schema:author" typeof="schema:Person" href="<?= Formatter::ToPlainText($ebook->AuthorsUrl) ?>" resource="<?= '/ebooks/' . $author->UrlName ?>">
-						<span property="schema:name"><?= Formatter::ToPlainText($author->Name) ?></span>
-						<meta property="schema:url" content="<?= SITE_URL . Formatter::ToPlainText($ebook->AuthorsUrl) ?>"/>
-						<? if($author->NacoafUrl){ ?><meta property="schema:sameAs" content="<?= Formatter::ToPlainText($author->NacoafUrl) ?>"/><? } ?>
-						<? if($author->WikipediaUrl){ ?><meta property="schema:sameAs" content="<?= Formatter::ToPlainText($author->WikipediaUrl) ?>"/><? } ?>
+					<h2><a property="schema:author" typeof="schema:Person" href="<?= Formatter::EscapeHtml($ebook->AuthorsUrl) ?>" resource="<?= '/ebooks/' . $author->UrlName ?>">
+						<span property="schema:name"><?= Formatter::EscapeHtml($author->Name) ?></span>
+						<meta property="schema:url" content="<?= SITE_URL . Formatter::EscapeHtml($ebook->AuthorsUrl) ?>"/>
+						<? if($author->NacoafUrl){ ?><meta property="schema:sameAs" content="<?= Formatter::EscapeHtml($author->NacoafUrl) ?>"/><? } ?>
+						<? if($author->WikipediaUrl){ ?><meta property="schema:sameAs" content="<?= Formatter::EscapeHtml($author->WikipediaUrl) ?>"/><? } ?>
 						</a>
 					</h2>
 					<? } ?>
@@ -148,7 +148,7 @@ catch(Exceptions\InvalidEbookException){
 			<? } ?>
 			<? if(sizeof($ebook->Collections) > 0){ ?>
 				<? foreach($ebook->Collections as $collection){ ?>
-					<p><? if($collection->SequenceNumber !== null){ ?>№ <?= number_format($collection->SequenceNumber) ?> in the<? }else{ ?>Part of the<? } ?> <a href="<?= $collection->Url ?>" property="schema:isPartOf"><?= Formatter::ToPlainText(preg_replace('/^The /ius', '', (string)$collection->Name)) ?></a>
+					<p><? if($collection->SequenceNumber !== null){ ?>№ <?= number_format($collection->SequenceNumber) ?> in the<? }else{ ?>Part of the<? } ?> <a href="<?= $collection->Url ?>" property="schema:isPartOf"><?= Formatter::EscapeHtml(preg_replace('/^The /ius', '', (string)$collection->Name)) ?></a>
 					<? if($collection->Type !== null){ ?>
 						<? if(substr_compare(mb_strtolower($collection->Name), mb_strtolower($collection->Type), -strlen(mb_strtolower($collection->Type))) !== 0){ ?>
 							<?= $collection->Type ?>.
@@ -159,7 +159,7 @@ catch(Exceptions\InvalidEbookException){
 					</p>
 				<? } ?>
 			<? } ?>
-			<ul class="tags"><? foreach($ebook->Tags as $tag){ ?><li><a href="<?= $tag->Url ?>"><?= Formatter::ToPlainText($tag->Name) ?></a></li><? } ?></ul>
+			<ul class="tags"><? foreach($ebook->Tags as $tag){ ?><li><a href="<?= $tag->Url ?>"><?= Formatter::EscapeHtml($tag->Name) ?></a></li><? } ?></ul>
 		</aside>
 
 		<section id="description">
@@ -177,24 +177,24 @@ catch(Exceptions\InvalidEbookException){
 		</section>
 
 		<? if($ebook->HasDownloads){ ?>
-		<section id="read-free" property="schema:workExample" typeof="schema:Book" resource="<?= Formatter::ToPlainText($ebook->Url) ?>/downloads">
+		<section id="read-free" property="schema:workExample" typeof="schema:Book" resource="<?= Formatter::EscapeHtml($ebook->Url) ?>/downloads">
 			<meta property="schema:bookFormat" content="http://schema.org/EBook"/>
-			<meta property="schema:url" content="<?= Formatter::ToPlainText(SITE_URL . $ebook->Url) ?>"/>
+			<meta property="schema:url" content="<?= Formatter::EscapeHtml(SITE_URL . $ebook->Url) ?>"/>
 			<meta property="schema:license" content="https://creativecommons.org/publicdomain/zero/1.0/"/>
 			<div property="schema:publisher" typeof="schema:Organization">
 				<meta property="schema:name" content="Standard Ebooks"/>
 				<meta property="schema:logo" content="https://standardebooks.org/images/logo-full.svg"/>
 				<meta property="schema:url" content="https://standardebooks.org"/>
 			</div>
-			<meta property="schema:image" content="<?= Formatter::ToPlainText(SITE_URL . $ebook->DistCoverUrl) ?>"/>
-			<meta property="schema:thumbnailUrl" content="<?= Formatter::ToPlainText(SITE_URL . $ebook->Url . '/downloads/cover-thumbnail.jpg') ?>"/>
-			<meta property="schema:inLanguage" content="<?= Formatter::ToPlainText($ebook->Language) ?>"/>
-			<meta property="schema:datePublished" content="<?= Formatter::ToPlainText($ebook->Created->format('Y-m-d')) ?>"/>
-			<meta property="schema:dateModified" content="<?= Formatter::ToPlainText($ebook->Updated->format('Y-m-d')) ?>"/>
+			<meta property="schema:image" content="<?= Formatter::EscapeHtml(SITE_URL . $ebook->DistCoverUrl) ?>"/>
+			<meta property="schema:thumbnailUrl" content="<?= Formatter::EscapeHtml(SITE_URL . $ebook->Url . '/downloads/cover-thumbnail.jpg') ?>"/>
+			<meta property="schema:inLanguage" content="<?= Formatter::EscapeHtml($ebook->Language) ?>"/>
+			<meta property="schema:datePublished" content="<?= Formatter::EscapeHtml($ebook->Created->format('Y-m-d')) ?>"/>
+			<meta property="schema:dateModified" content="<?= Formatter::EscapeHtml($ebook->Updated->format('Y-m-d')) ?>"/>
 			<div property="schema:potentialAction" typeof="http://schema.org/ReadAction">
 				<meta property="schema:actionStatus" content="http://schema.org/PotentialActionStatus"/>
 				<div property="schema:target" typeof="schema:EntryPoint">
-					<meta property="schema:urlTemplate" content="<?= Formatter::ToPlainText(SITE_URL . $ebook->Url) ?>"/>
+					<meta property="schema:urlTemplate" content="<?= Formatter::EscapeHtml(SITE_URL . $ebook->Url) ?>"/>
 					<meta property="schema:actionPlatform" content="http://schema.org/DesktopWebPlatform"/>
 					<meta property="schema:actionPlatform" content="http://schema.org/AndroidPlatform"/>
 					<meta property="schema:actionPlatform" content="http://schema.org/IOSPlatform"/>
@@ -298,13 +298,13 @@ catch(Exceptions\InvalidEbookException){
 				<? foreach($ebook->GitCommits as $commit){ ?>
 				<li>
 					<time datetime="<?= $commit->Created->format(DateTime::RFC3339) ?>"><?= $commit->Created->format('M j, Y') ?></time>
-					<p><a href="<?= Formatter::ToPlainText($ebook->GitHubUrl) ?>/commit/<?= Formatter::ToPlainText($commit->Hash) ?>"><?= Formatter::ToPlainText($commit->Message) ?></a></p>
+					<p><a href="<?= Formatter::EscapeHtml($ebook->GitHubUrl) ?>/commit/<?= Formatter::EscapeHtml($commit->Hash) ?>"><?= Formatter::EscapeHtml($commit->Message) ?></a></p>
 				</li>
 				<? } ?>
 			</ol>
 			<? if($ebook->GitHubUrl !== null){ ?>
 			<aside>
-				<p>Read the <a href="<?= Formatter::ToPlainText($ebook->GitHubUrl) ?>/commits/master">full change history</a>.</p>
+				<p>Read the <a href="<?= Formatter::EscapeHtml($ebook->GitHubUrl) ?>/commits/master">full change history</a>.</p>
 			</aside>
 			<? } ?>
 		</section>
@@ -315,12 +315,12 @@ catch(Exceptions\InvalidEbookException){
 			<ul>
 				<? if($ebook->GitHubUrl !== null){ ?>
 				<li>
-					<p><a href="<?= Formatter::ToPlainText($ebook->GitHubUrl) ?>" class="github">This ebook’s source code at GitHub</a></p>
+					<p><a href="<?= Formatter::EscapeHtml($ebook->GitHubUrl) ?>" class="github">This ebook’s source code at GitHub</a></p>
 					</li>
 				<? } ?>
 				<? if($ebook->WikipediaUrl !== null){ ?>
 				<li>
-					<p><a href="<?= Formatter::ToPlainText($ebook->WikipediaUrl) ?>" class="wikipedia">This book at Wikipedia</a></p>
+					<p><a href="<?= Formatter::EscapeHtml($ebook->WikipediaUrl) ?>" class="wikipedia">This book at Wikipedia</a></p>
 				</li>
 				<? } ?>
 			</ul>
@@ -337,13 +337,13 @@ catch(Exceptions\InvalidEbookException){
 					<? foreach($transcriptionSources as $source){ ?>
 					<li>
 						<p>
-							<? if($source->Type == SOURCE_PROJECT_GUTENBERG){ ?><a href="<?= Formatter::ToPlainText($source->Url) ?>" class="project-gutenberg">Transcription at Project Gutenberg</a>
-							<? }elseif($source->Type == SOURCE_PROJECT_GUTENBERG_AUSTRALIA){ ?><a href="<?= Formatter::ToPlainText($source->Url) ?>" class="project-gutenberg">Transcription at Project Gutenberg Australia</a>
-							<? }elseif($source->Type == SOURCE_PROJECT_GUTENBERG_CANADA){ ?><a href="<?= Formatter::ToPlainText($source->Url) ?>" class="project-gutenberg">Transcription at Project Gutenberg Canada</a>
-							<? }elseif($source->Type == SOURCE_WIKISOURCE){ ?><a href="<?= Formatter::ToPlainText($source->Url) ?>" class="wikisource">Transcription at Wikisource</a>
-							<? }elseif($source->Type == SOURCE_FADED_PAGE){ ?><a href="<?= Formatter::ToPlainText($source->Url) ?>" class="globe">Transcription at Faded Page</a>
+							<? if($source->Type == SOURCE_PROJECT_GUTENBERG){ ?><a href="<?= Formatter::EscapeHtml($source->Url) ?>" class="project-gutenberg">Transcription at Project Gutenberg</a>
+							<? }elseif($source->Type == SOURCE_PROJECT_GUTENBERG_AUSTRALIA){ ?><a href="<?= Formatter::EscapeHtml($source->Url) ?>" class="project-gutenberg">Transcription at Project Gutenberg Australia</a>
+							<? }elseif($source->Type == SOURCE_PROJECT_GUTENBERG_CANADA){ ?><a href="<?= Formatter::EscapeHtml($source->Url) ?>" class="project-gutenberg">Transcription at Project Gutenberg Canada</a>
+							<? }elseif($source->Type == SOURCE_WIKISOURCE){ ?><a href="<?= Formatter::EscapeHtml($source->Url) ?>" class="wikisource">Transcription at Wikisource</a>
+							<? }elseif($source->Type == SOURCE_FADED_PAGE){ ?><a href="<?= Formatter::EscapeHtml($source->Url) ?>" class="globe">Transcription at Faded Page</a>
 							<? }else{?>
-								<a href="<?= Formatter::ToPlainText($source->Url) ?>" class="globe">Transcription</a>
+								<a href="<?= Formatter::EscapeHtml($source->Url) ?>" class="globe">Transcription</a>
 							<? } ?>
 						</p>
 					</li>
@@ -358,10 +358,10 @@ catch(Exceptions\InvalidEbookException){
 					<? foreach($scanSources as $source){ ?>
 					<li>
 						<p>
-							<? if($source->Type == SOURCE_INTERNET_ARCHIVE){ ?><a href="<?= Formatter::ToPlainText($source->Url) ?>" class="internet-archive">Page scans at the Internet Archive</a>
-							<? }elseif($source->Type == SOURCE_HATHI_TRUST){ ?><a href="<?= Formatter::ToPlainText($source->Url) ?>" class="hathitrust">Page scans at HathiTrust</a>
-							<? }elseif($source->Type == SOURCE_GOOGLE_BOOKS){ ?><a href="<?= Formatter::ToPlainText($source->Url) ?>" class="google">Page scans at Google Books</a>
-							<? }else{ ?><a href="<?= Formatter::ToPlainText($source->Url) ?>" class="globe">Page scans</a><? } ?>
+							<? if($source->Type == SOURCE_INTERNET_ARCHIVE){ ?><a href="<?= Formatter::EscapeHtml($source->Url) ?>" class="internet-archive">Page scans at the Internet Archive</a>
+							<? }elseif($source->Type == SOURCE_HATHI_TRUST){ ?><a href="<?= Formatter::EscapeHtml($source->Url) ?>" class="hathitrust">Page scans at HathiTrust</a>
+							<? }elseif($source->Type == SOURCE_GOOGLE_BOOKS){ ?><a href="<?= Formatter::EscapeHtml($source->Url) ?>" class="google">Page scans at Google Books</a>
+							<? }else{ ?><a href="<?= Formatter::EscapeHtml($source->Url) ?>" class="globe">Page scans</a><? } ?>
 						</p>
 					</li>
 					<? } ?>
@@ -375,7 +375,7 @@ catch(Exceptions\InvalidEbookException){
 					<? foreach($otherSources as $source){ ?>
 					<li>
 						<p>
-							<? if($source->Type == SOURCE_OTHER){ ?><a href="<?= Formatter::ToPlainText($source->Url) ?>" class="globe"><?= Formatter::ToPlainText(preg_replace(['|https?://(en\.)?|', '|/.+$|'], '', (string)$source->Url)) /* force type to (string) to satisfy PHPStan */ ?></a><? } ?>
+							<? if($source->Type == SOURCE_OTHER){ ?><a href="<?= Formatter::EscapeHtml($source->Url) ?>" class="globe"><?= Formatter::EscapeHtml(preg_replace(['|https?://(en\.)?|', '|/.+$|'], '', (string)$source->Url)) /* force type to (string) to satisfy PHPStan */ ?></a><? } ?>
 						</p>
 					</li>
 					<? } ?>
@@ -389,7 +389,7 @@ catch(Exceptions\InvalidEbookException){
 			<h2>Improve this ebook</h2>
 			<p>Anyone can contribute to make a Standard Ebook better for everyone!</p>
 			<p>To report typos, typography errors, or other corrections, see <a href="/contribute/report-errors">how to report errors</a>.</p>
-			<? if($ebook->GitHubUrl !== null){ ?><p>If you’re comfortable with technology and want to contribute directly, check out <a href="<?= Formatter::ToPlainText($ebook->GitHubUrl) ?>">this ebook’s GitHub repository</a> and our <a href="/contribute">contributors section</a>.</p><? } ?>
+			<? if($ebook->GitHubUrl !== null){ ?><p>If you’re comfortable with technology and want to contribute directly, check out <a href="<?= Formatter::EscapeHtml($ebook->GitHubUrl) ?>">this ebook’s GitHub repository</a> and our <a href="/contribute">contributors section</a>.</p><? } ?>
 			<p>You can also <a href="/donate">donate to Standard Ebooks</a> to help fund continuing improvement of this and other ebooks.</p>
 		</section>
 
@@ -403,7 +403,7 @@ catch(Exceptions\InvalidEbookException){
 						<picture>
 							<? if($carouselEbook->CoverImage2xAvifUrl !== null){ ?><source srcset="<?= $carouselEbook->CoverImage2xAvifUrl ?> 2x, <?= $carouselEbook->CoverImageAvifUrl ?> 1x" type="image/avif"/><? } ?>
 							<source srcset="<?= $carouselEbook->CoverImage2xUrl ?> 2x, <?= $carouselEbook->CoverImageUrl ?> 1x" type="image/jpg"/>
-							<img src="<?= $carouselEbook->CoverImageUrl ?>" alt="The cover for the Standard Ebooks edition of <?= Formatter::ToPlainText(strip_tags($carouselEbook->TitleWithCreditsHtml)) ?>" height="200" width="134" loading="lazy"/>
+							<img src="<?= $carouselEbook->CoverImageUrl ?>" alt="The cover for the Standard Ebooks edition of <?= Formatter::EscapeHtml(strip_tags($carouselEbook->TitleWithCreditsHtml)) ?>" height="200" width="134" loading="lazy"/>
 						</picture>
 					</a>
 				</li>
diff --git a/www/ebooks/index.php b/www/ebooks/index.php
index 08348b27..31ed03f1 100644
--- a/www/ebooks/index.php
+++ b/www/ebooks/index.php
@@ -66,9 +66,9 @@ try{
 			$collectionName = preg_replace('/^The /ius', '', $collectionObject->Name);
 			$collectionType = $collectionObject->Type ?? 'collection';
 
-			$pageTitle = 'Browse free ebooks in the ' . Formatter::ToPlainText($collectionName) . ' ' . $collectionType;
-			$pageDescription = 'A list of free ebooks in the ' . Formatter::ToPlainText($collectionName) . ' ' . $collectionType;
-			$pageHeader = 'Free Ebooks in the ' . Formatter::ToPlainText($collectionName) . ' ' . ucfirst($collectionType);
+			$pageTitle = 'Browse free ebooks in the ' . Formatter::EscapeHtml($collectionName) . ' ' . $collectionType;
+			$pageDescription = 'A list of free ebooks in the ' . Formatter::EscapeHtml($collectionName) . ' ' . $collectionType;
+			$pageHeader = 'Free Ebooks in the ' . Formatter::EscapeHtml($collectionName) . ' ' . ucfirst($collectionType);
 		}
 		else{
 			throw new Exceptions\InvalidCollectionException();
@@ -114,8 +114,8 @@ try{
 	$queryString = preg_replace('/^&amp;/ius', '', $queryString);
 
 	if($collection !== null){
-		$feedUrl = '/collections/' . Formatter::ToPlainText($collection);
-		$feedTitle = 'Standard Ebooks - Ebooks in the ' . Formatter::ToPlainText($collectionName) . ' ' . $collectionType;
+		$feedUrl = '/collections/' . Formatter::EscapeHtml($collection);
+		$feedTitle = 'Standard Ebooks - Ebooks in the ' . Formatter::EscapeHtml($collectionName) . ' ' . $collectionType;
 	}
 }
 catch(Exceptions\InvalidCollectionException){
@@ -134,8 +134,8 @@ catch(Exceptions\InvalidCollectionException){
 	<? } ?>
 	<? if($collection !== null){ ?>
 		<p class="ebooks-toolbar">
-			<a class="button" href="/collections/<?= Formatter::ToPlainText($collection) ?>/downloads">Download collection</a>
-			<a class="button" href="/collections/<?= Formatter::ToPlainText($collection) ?>/feeds">Collection feeds</a>
+			<a class="button" href="/collections/<?= Formatter::EscapeHtml($collection) ?>/downloads">Download collection</a>
+			<a class="button" href="/collections/<?= Formatter::EscapeHtml($collection) ?>/feeds">Collection feeds</a>
 		</p>
 	<? } ?>
 	<? if(sizeof($ebooks) == 0){ ?>
diff --git a/www/feeds/atom/search.php b/www/feeds/atom/search.php
index 27dc59e6..8fbe3a10 100644
--- a/www/feeds/atom/search.php
+++ b/www/feeds/atom/search.php
@@ -23,7 +23,7 @@ print("<?xml version=\"1.0\" encoding=\"utf-8\"?>\n<?xml-stylesheet href=\"" . S
 	<link href="<?= SITE_URL ?>/ebooks/ebooks?query=<?= urlencode($query) ?>" rel="alternate" type="text/html"/>
 	<link href="<?= SITE_URL ?>/ebooks/opensearch" rel="search" type="application/opensearchdescription+xml"/>
 	<title>Search Results</title>
-	<subtitle>Results for “<?= Formatter::ToPlainXmlText($query) ?>”.</subtitle>
+	<subtitle>Results for “<?= Formatter::EscapeXml($query) ?>”.</subtitle>
 	<icon><?= SITE_URL ?>/images/logo.png</icon>
 	<updated><?= (new Datetime())->Format('Y-m-d\TH:i:s\Z') ?></updated>
 	<author>
diff --git a/www/feeds/collection.php b/www/feeds/collection.php
index 891177b4..6de1e069 100644
--- a/www/feeds/collection.php
+++ b/www/feeds/collection.php
@@ -40,8 +40,8 @@ catch(Safe\Exceptions\ApcuException){
 			<ul class="feed">
 				<? foreach($feeds as $feed){ ?>
 				<li>
-					<p><a href="<?= Formatter::ToPlainText($feed->Url) ?>"><?= Formatter::ToPlainText($feed->Label) ?></a></p>
-					<p class="url"><? if($GLOBALS['User'] !== null){ ?>https://<?= rawurlencode($GLOBALS['User']->Email) ?>@<?= SITE_DOMAIN ?><? }else{ ?><?= SITE_URL ?><? } ?><?= Formatter::ToPlainText($feed->Url) ?></p>
+					<p><a href="<?= Formatter::EscapeHtml($feed->Url) ?>"><?= Formatter::EscapeHtml($feed->Label) ?></a></p>
+					<p class="url"><? if($GLOBALS['User'] !== null){ ?>https://<?= rawurlencode($GLOBALS['User']->Email) ?>@<?= SITE_DOMAIN ?><? }else{ ?><?= SITE_URL ?><? } ?><?= Formatter::EscapeHtml($feed->Url) ?></p>
 				</li>
 				<? } ?>
 			</ul>
diff --git a/www/feeds/get.php b/www/feeds/get.php
index 867cbfbb..71772183 100644
--- a/www/feeds/get.php
+++ b/www/feeds/get.php
@@ -54,7 +54,7 @@ catch(Exceptions\InvalidCollectionException){
 ?><?= Template::Header(['title' => $title, 'feedTitle' => $feedTitle, 'feedUrl' => $feedUrl, 'description' => $description]) ?>
 <main>
 	<article>
-		<h1>Ebook Feeds for <?= Formatter::ToPlainText($label) ?></h1>
+		<h1>Ebook Feeds for <?= Formatter::EscapeHtml($label) ?></h1>
 		<?= Template::FeedHowTo() ?>
 		<? foreach($feedTypes as $type){ ?>
 		<section id="ebooks-by-<?= $type ?>">
@@ -70,7 +70,7 @@ catch(Exceptions\InvalidCollectionException){
 			<? } ?>
 			<ul class="feed">
 				<li>
-					<p><a href="/feeds/<?= $type ?>/<?= $name ?>/<?= $target?>"><?= Formatter::ToPlainText($label) ?></a></p>
+					<p><a href="/feeds/<?= $type ?>/<?= $name ?>/<?= $target?>"><?= Formatter::EscapeHtml($label) ?></a></p>
 					<p class="url"><? if($GLOBALS['User'] !== null){ ?>https://<?= rawurlencode($GLOBALS['User']->Email) ?>@<?= SITE_DOMAIN ?><? }else{ ?><?= SITE_URL ?><? } ?>/feeds/<?= $type ?>/<?= $name ?>/<?= $target?></p>
 				</li>
 			</ul>
diff --git a/www/feeds/opds/search.php b/www/feeds/opds/search.php
index f3ea151c..6717dc4f 100644
--- a/www/feeds/opds/search.php
+++ b/www/feeds/opds/search.php
@@ -24,7 +24,7 @@ print("<?xml version=\"1.0\" encoding=\"utf-8\"?>\n<?xml-stylesheet href=\"". SI
 	<link href="<?= SITE_URL ?>/feeds/opds/all" rel="http://opds-spec.org/crawlable" type="application/atom+xml;profile=opds-catalog;kind=acquisition; charset=utf-8"/>
 	<link href="<?= SITE_URL ?>/ebooks/opensearch" rel="search" type="application/opensearchdescription+xml; charset=utf-8"/>
 	<title>Search Results</title>
-	<subtitle>Results for “<?= Formatter::ToPlainXmlText($query) ?>”.</subtitle>
+	<subtitle>Results for “<?= Formatter::EscapeXml($query) ?>”.</subtitle>
 	<icon><?= SITE_URL ?>/images/logo.png</icon>
 	<updated><?= (new Datetime())->Format('Y-m-d\TH:i:s\Z') ?></updated>
 	<author>
diff --git a/www/feeds/rss/search.php b/www/feeds/rss/search.php
index 82aaaa15..b653eb30 100644
--- a/www/feeds/rss/search.php
+++ b/www/feeds/rss/search.php
@@ -21,7 +21,7 @@ print("<?xml version=\"1.0\" encoding=\"utf-8\"?>\n<?xml-stylesheet href=\"" . S
 	<channel>
 		<title>Search Results</title>
 		<link><?= SITE_URL ?></link>
-		<description>Results for “<?= Formatter::ToPlainXmlText($query) ?>”.</description>
+		<description>Results for “<?= Formatter::EscapeXml($query) ?>”.</description>
 		<language>en-US</language>
 		<copyright>https://creativecommons.org/publicdomain/zero/1.0/</copyright>
 		<lastBuildDate><?= (new DateTime())->format('r') ?></lastBuildDate>
diff --git a/www/newsletter/subscriptions/new.php b/www/newsletter/subscriptions/new.php
index 213ad3f5..d29eb8fc 100644
--- a/www/newsletter/subscriptions/new.php
+++ b/www/newsletter/subscriptions/new.php
@@ -32,7 +32,7 @@ if($exception){
 				<input type="text" name="automationtest" value="" maxlength="80" />
 			</label>
 			<label class="email">Your email address
-				<input type="email" name="email" value="<? if($subscription->User !== null){ ?><?= Formatter::ToPlainText($subscription->User->Email) ?><? } ?>" maxlength="80" required="required" />
+				<input type="email" name="email" value="<? if($subscription->User !== null){ ?><?= Formatter::EscapeHtml($subscription->User->Email) ?><? } ?>" maxlength="80" required="required" />
 			</label>
 			<label class="captcha">
 				Type the letters in the <abbr class="acronym">CAPTCHA</abbr> image
diff --git a/www/polls/get.php b/www/polls/get.php
index 8ac68e06..a8ee5734 100644
--- a/www/polls/get.php
+++ b/www/polls/get.php
@@ -31,7 +31,7 @@ catch(Exceptions\AppException){
 ?><?= Template::Header(['title' => $poll->Name, 'highlight' => '', 'description' => $poll->Description]) ?>
 <main>
 	<section class="narrow">
-		<h1><?= Formatter::ToPlainText($poll->Name) ?></h1>
+		<h1><?= Formatter::EscapeHtml($poll->Name) ?></h1>
 		<p><?= $poll->Description ?></p>
 		<? if($poll->IsActive()){ ?>
 			<? if($poll->End !== null){ ?>
diff --git a/www/polls/index.php b/www/polls/index.php
index d8b0d376..04670833 100644
--- a/www/polls/index.php
+++ b/www/polls/index.php
@@ -37,7 +37,7 @@ $openPolls = Db::Query('
 				<ul>
 				<? foreach($openPolls as $poll){ ?>
 					<li>
-						<p><a href="<?= $poll->Url ?>"><?= Formatter::ToPlainText($poll->Name) ?></a></p>
+						<p><a href="<?= $poll->Url ?>"><?= Formatter::EscapeHtml($poll->Name) ?></a></p>
 					</li>
 				<? } ?>
 				</ul>
@@ -49,7 +49,7 @@ $openPolls = Db::Query('
 				<ul>
 				<? foreach($pastPolls as $poll){ ?>
 					<li>
-						<p><a href="<?= $poll->Url ?>"><?= Formatter::ToPlainText($poll->Name) ?></a></p>
+						<p><a href="<?= $poll->Url ?>"><?= Formatter::EscapeHtml($poll->Name) ?></a></p>
 					</li>
 				<? } ?>
 				</ul>
diff --git a/www/polls/votes/get.php b/www/polls/votes/get.php
index 11e53eec..19f3bf68 100644
--- a/www/polls/votes/get.php
+++ b/www/polls/votes/get.php
@@ -24,9 +24,9 @@ catch(Exceptions\AppException){
 	<section class="narrow">
 		<h1>Your vote has been recorded!</h1>
 		<? if($created){ ?>
-			<p class="center-notice">Thank you for voting in the <a href="<?= $vote->PollItem->Poll->Url ?>"><?= Formatter::ToPlainText($vote->PollItem->Poll->Name) ?> poll</a>.</p>
+			<p class="center-notice">Thank you for voting in the <a href="<?= $vote->PollItem->Poll->Url ?>"><?= Formatter::EscapeHtml($vote->PollItem->Poll->Name) ?> poll</a>.</p>
 		<? }else{ ?>
-			<p class="center-notice">Your vote in the <a href="<?= $vote->PollItem->Poll->Url ?>"><?= Formatter::ToPlainText($vote->PollItem->Poll->Name) ?> poll</a> was submitted on <?= $vote->Created->format('F j, Y g:i a') ?>.</p>
+			<p class="center-notice">Your vote in the <a href="<?= $vote->PollItem->Poll->Url ?>"><?= Formatter::EscapeHtml($vote->PollItem->Poll->Name) ?> poll</a> was submitted on <?= $vote->Created->format('F j, Y g:i a') ?>.</p>
 		<? } ?>
 		<p class="button-row narrow"><a class="button" href="<?= $vote->PollItem->Poll->Url ?>/votes"> view results</a></p>
 	</section>
diff --git a/www/polls/votes/index.php b/www/polls/votes/index.php
index 63780830..d17eeeba 100644
--- a/www/polls/votes/index.php
+++ b/www/polls/votes/index.php
@@ -11,7 +11,7 @@ catch(Exceptions\AppException){
 ?><?= Template::Header(['title' => 'Results for the ' . $poll->Name . ' Poll', 'highlight' => '', 'description' => 'The voting results for the ' . $poll->Name . ' poll.']) ?>
 <main>
 	<section class="narrow">
-		<h1>Results for the <?= Formatter::ToPlainText($poll->Name) ?> Poll</h1>
+		<h1>Results for the <?= Formatter::EscapeHtml($poll->Name) ?> Poll</h1>
 		<p class="center-notice">Total votes: <?= number_format($poll->VoteCount) ?></p>
 		<? if($poll->IsActive()){ ?>
 			<? if($poll->End !== null){ ?>
diff --git a/www/polls/votes/new.php b/www/polls/votes/new.php
index 6142a3bb..133dd0ff 100644
--- a/www/polls/votes/new.php
+++ b/www/polls/votes/new.php
@@ -54,10 +54,10 @@ catch(Exceptions\PollVoteExistsException $ex){
 ?><?= Template::Header(['title' => $poll->Name . ' - Vote Now', 'highlight' => '', 'description' => 'Vote in the ' . $poll->Name . ' poll']) ?>
 <main>
 	<section class="narrow">
-		<h1>Vote in the <?= Formatter::ToPlainText($poll->Name) ?> Poll</h1>
+		<h1>Vote in the <?= Formatter::EscapeHtml($poll->Name) ?> Poll</h1>
 		<?= Template::Error(['exception' => $exception]) ?>
-		<form method="post" action="<?= Formatter::ToPlainText($poll->Url) ?>/votes">
-			<input type="hidden" name="email" value="<? if($vote->User !== null){ ?><?= Formatter::ToPlainText($vote->User->Email) ?><? } ?>" maxlength="80" required="required" />
+		<form method="post" action="<?= Formatter::EscapeHtml($poll->Url) ?>/votes">
+			<input type="hidden" name="email" value="<? if($vote->User !== null){ ?><?= Formatter::EscapeHtml($vote->User->Email) ?><? } ?>" maxlength="80" required="required" />
 			<fieldset>
 				<p>Select one of these options.</p>
 				<ul>
@@ -68,7 +68,7 @@ catch(Exceptions\PollVoteExistsException $ex){
 							<span>
 								<b><?= $pollItem->Name ?></b>
 							<? if($pollItem->Description !== null){ ?>
-								<span><?= Formatter::ToPlainText($pollItem->Description) ?></span>
+								<span><?= Formatter::EscapeHtml($pollItem->Description) ?></span>
 							<? } ?>
 							</span>
 						</label>
diff --git a/www/sessions/new.php b/www/sessions/new.php
index 7096101f..0fa6e798 100644
--- a/www/sessions/new.php
+++ b/www/sessions/new.php
@@ -40,17 +40,17 @@ if($exception){
 			<p><strong>Important:</strong> When making your donation, you must have selected either “List my name publicly” or “Don’t list publicly, but reveal to project” on the donation form; otherwise, your email address isn’t shared with us, and we can’t include you in our login system.</p>
 		<? } ?>
 		<form method="post" action="/sessions" class="single-row">
-			<input type="hidden" name="redirect" value="<?= Formatter::ToPlainText($redirect) ?>" />
+			<input type="hidden" name="redirect" value="<?= Formatter::EscapeHtml($redirect) ?>" />
 			<? if($passwordRequired){ ?>
-				<input type="hidden" name="email" value="<?= Formatter::ToPlainText($email) ?>" maxlength="80" required="required" />
+				<input type="hidden" name="email" value="<?= Formatter::EscapeHtml($email) ?>" maxlength="80" required="required" />
 				<label class="password">
 					<span>Your password</span>
-					<span>Logging in as <?= Formatter::ToPlainText($email) ?>.</span>
+					<span>Logging in as <?= Formatter::EscapeHtml($email) ?>.</span>
 					<input type="password" name="password" value="" required="required" />
 				</label>
 			<? }else{ ?>
 				<label class="email">Your email address
-					<input type="email" name="email" value="<?= Formatter::ToPlainText($email) ?>" maxlength="80" required="required" />
+					<input type="email" name="email" value="<?= Formatter::EscapeHtml($email) ?>" maxlength="80" required="required" />
 				</label>
 			<? } ?>
 			<button>Log in</button>