From 52c1aef50b347237e6b138729ce9b5b959765475 Mon Sep 17 00:00:00 2001
From: Dennis Eichhorn <spl1nes.com@googlemail.com>
Date: Mon, 24 Jul 2017 20:48:22 +0200
Subject: [PATCH] Add html escaping

---
 Theme/Backend/clients-create.tpl.php  | 170 ++++++++++++------------
 Theme/Backend/clients-list.tpl.php    |  50 ++++----
 Theme/Backend/clients-profile.tpl.php | 178 +++++++++++++-------------
 3 files changed, 199 insertions(+), 199 deletions(-)
diff --git a/Theme/Backend/clients-create.tpl.php b/Theme/Backend/clients-create.tpl.php
index bc4e4e5..0ac2d47 100644
--- a/Theme/Backend/clients-create.tpl.php
+++ b/Theme/Backend/clients-create.tpl.php
@@ -20,15 +20,15 @@ echo $this->getData('nav')->render(); ?>
 <div class="tabular-2">
     <div class="box">
         <ul class="tab-links">
-            <li><label for="c-tab-1"><?= $this->getText('Master') ?></label></li>
-            <li><label for="c-tab-2"><?= $this->getText('Contact') ?></label></li>
-            <li><label for="c-tab-3"><?= $this->getText('Addresses') ?></label></li>
-            <li><label for="c-tab-4"><?= $this->getText('PaymentTerm') ?></label></li>
-            <li><label for="c-tab-5"><?= $this->getText('Payment') ?></label></li>
-            <li><label for="c-tab-6"><?= $this->getText('Prices') ?></label></li>
-            <li><label for="c-tab-7"><?= $this->getText('AreaManager') ?></label></li>
-            <li><label for="c-tab-8"><?= $this->getText('Files') ?></label></li>
-            <li><label for="c-tab-9"><?= $this->getText('Logs') ?></label>
+            <li><label for="c-tab-1"><?= $this->getHtml('Master'); ?></label></li>
+            <li><label for="c-tab-2"><?= $this->getHtml('Contact'); ?></label></li>
+            <li><label for="c-tab-3"><?= $this->getHtml('Addresses'); ?></label></li>
+            <li><label for="c-tab-4"><?= $this->getHtml('PaymentTerm'); ?></label></li>
+            <li><label for="c-tab-5"><?= $this->getHtml('Payment'); ?></label></li>
+            <li><label for="c-tab-6"><?= $this->getHtml('Prices'); ?></label></li>
+            <li><label for="c-tab-7"><?= $this->getHtml('AreaManager'); ?></label></li>
+            <li><label for="c-tab-8"><?= $this->getHtml('Files'); ?></label></li>
+            <li><label for="c-tab-9"><?= $this->getHtml('Logs'); ?></label>
         </ul>
     </div>
     <div class="tab-content">
@@ -37,19 +37,19 @@ echo $this->getData('nav')->render(); ?>
             <div class="row">
                 <div class="col-xs-12 col-md-6 col-lg-4">
                     <section class="box wf-100">
-                        <header><h1><?= $this->getText('Client') ?></h1></header>
+                        <header><h1><?= $this->getHtml('Client'); ?></h1></header>
                         <div class="inner">
                             <form>
                                 <table class="layout w-100">
-                                    <tr><td><label for="iId"><?= $this->getText('ID', 0, 0); ?></label>
+                                    <tr><td><label for="iId"><?= $this->getHtml('ID', 0, 0); ?></label>
                                     <tr><td><span class="input"><button type="button" formaction=""><i class="fa fa-book"></i></button><input type="number" id="iId" min="1" name="id" required></span>
-                                    <tr><td><label for="iName1"><?= $this->getText('Name1'); ?></label>
+                                    <tr><td><label for="iName1"><?= $this->getHtml('Name1') ?></label>
                                     <tr><td><input type="text" id="iName1" name="name1" placeholder="&#xf040;" required>
-                                    <tr><td><label for="iName2"><?= $this->getText('Name2'); ?></label>
+                                    <tr><td><label for="iName2"><?= $this->getHtml('Name2') ?></label>
                                     <tr><td><input type="text" id="iName2" name="name2" placeholder="&#xf040;">
-                                    <tr><td><label for="iName3"><?= $this->getText('Name3'); ?></label>
+                                    <tr><td><label for="iName3"><?= $this->getHtml('Name3') ?></label>
                                     <tr><td><input type="text" id="iName3" name="name3" placeholder="&#xf040;">
-                                    <tr><td colspan="2"><input type="submit" value="<?= $this->getText('Create', 0, 0); ?>">
+                                    <tr><td colspan="2"><input type="submit" value="<?= $this->getHtml('Create', 0, 0); ?>">
                                 </table>
                             </form>
                         </div>
@@ -62,29 +62,29 @@ echo $this->getData('nav')->render(); ?>
             <div class="row">
                 <div class="col-xs-12 col-md-6 col-lg-4">
                     <section class="box wf-100">
-                        <header><h1><?= $this->getText('Contact') ?></h1></header>
+                        <header><h1><?= $this->getHtml('Contact'); ?></h1></header>
                         <div class="inner">
                             <form>
                                 <table class="layout w-100">
-                                    <tr><td><label for="iCType"><?= $this->getText('Type'); ?></label>
+                                    <tr><td><label for="iCType"><?= $this->getHtml('Type') ?></label>
                                     <tr><td><select id="iCType" name="actype">
-                                                <option><?= $this->getText('Email'); ?>
-                                                <option><?= $this->getText('Fax'); ?>
-                                                <option><?= $this->getText('Phone'); ?>
+                                                <option><?= $this->getHtml('Email') ?>
+                                                <option><?= $this->getHtml('Fax') ?>
+                                                <option><?= $this->getHtml('Phone') ?>
                                             </select>
-                                    <tr><td><label for="iCStype"><?= $this->getText('Subtype'); ?></label>
+                                    <tr><td><label for="iCStype"><?= $this->getHtml('Subtype') ?></label>
                                     <tr><td><select id="iCStype" name="acstype">
-                                                <option><?= $this->getText('Office'); ?>
-                                                <option><?= $this->getText('Sales'); ?>
-                                                <option><?= $this->getText('Purchase'); ?>
-                                                <option><?= $this->getText('Accounting'); ?>
-                                                <option><?= $this->getText('Support'); ?>
+                                                <option><?= $this->getHtml('Office') ?>
+                                                <option><?= $this->getHtml('Sales') ?>
+                                                <option><?= $this->getHtml('Purchase') ?>
+                                                <option><?= $this->getHtml('Accounting') ?>
+                                                <option><?= $this->getHtml('Support') ?>
                                             </select>
-                                    <tr><td><label for="iCInfo"><?= $this->getText('Info'); ?></label>
+                                    <tr><td><label for="iCInfo"><?= $this->getHtml('Info') ?></label>
                                     <tr><td><input type="text" id="iCInfo" name="cinfo">
-                                    <tr><td><label for="iCData"><?= $this->getText('Contact'); ?></label>
+                                    <tr><td><label for="iCData"><?= $this->getHtml('Contact') ?></label>
                                     <tr><td><input type="text" id="iCData" name="cdata">
-                                    <tr><td colspan="2"><input type="submit" value="<?= $this->getText('Add', 0, 0) ?>">
+                                    <tr><td colspan="2"><input type="submit" value="<?= $this->getHtml('Add', 0, 0); ?>">
                                 </table>
                             </form>
                         </div>
@@ -97,26 +97,26 @@ echo $this->getData('nav')->render(); ?>
             <div class="row">
                 <div class="col-xs-12 col-md-6 col-lg-4">
                     <section class="box wf-100">
-                        <header><h1><?= $this->getText('Address') ?></h1></header>
+                        <header><h1><?= $this->getHtml('Address'); ?></h1></header>
                         <div class="inner">
                             <form>
                                 <table class="layout w-100">
-                                    <tr><td><label for="iAType"><?= $this->getText('Type'); ?></label>
+                                    <tr><td><label for="iAType"><?= $this->getHtml('Type') ?></label>
                                     <tr><td><select id="iAType" name="atype">
-                                                <option><?= $this->getText('Default'); ?>
-                                                <option><?= $this->getText('Delivery'); ?>
-                                                <option><?= $this->getText('Invoice'); ?>
+                                                <option><?= $this->getHtml('Default') ?>
+                                                <option><?= $this->getHtml('Delivery') ?>
+                                                <option><?= $this->getHtml('Invoice') ?>
                                             </select>
-                                    <tr><td><label for="iAddress"><?= $this->getText('Address'); ?></label>
+                                    <tr><td><label for="iAddress"><?= $this->getHtml('Address') ?></label>
                                     <tr><td><input type="text" id="iAddress" name="address">
-                                    <tr><td><label for="iZip"><?= $this->getText('Zip'); ?></label>
+                                    <tr><td><label for="iZip"><?= $this->getHtml('Zip') ?></label>
                                     <tr><td><input type="text" id="iZip" name="zip">
-                                    <tr><td><label for="iCountry"><?= $this->getText('Country'); ?></label>
+                                    <tr><td><label for="iCountry"><?= $this->getHtml('Country') ?></label>
                                     <tr><td><input type="text" id="iCountry" name="country">
-                                    <tr><td><label for="iAInfo"><?= $this->getText('Info'); ?></label>
+                                    <tr><td><label for="iAInfo"><?= $this->getHtml('Info') ?></label>
                                     <tr><td><input type="text" id="iAInfo" name="ainfo">
-                                    <tr><td><span class="check"><input type="checkbox" id="iDefault" name="default" checked><label for="iDefault"><?= $this->getText('IsDefault'); ?></label></span>
-                                    <tr><td colspan="2"><input type="submit" value="<?= $this->getText('Add', 0, 0) ?>">
+                                    <tr><td><span class="check"><input type="checkbox" id="iDefault" name="default" checked><label for="iDefault"><?= $this->getHtml('IsDefault') ?></label></span>
+                                    <tr><td colspan="2"><input type="submit" value="<?= $this->getHtml('Add', 0, 0); ?>">
                                 </table>
                             </form>
                         </div>
@@ -129,26 +129,26 @@ echo $this->getData('nav')->render(); ?>
             <div class="row">
                 <div class="col-xs-12 col-md-6 col-lg-4">
                     <section class="box wf-100">
-                        <header><h1><?= $this->getText('PaymentTerm') ?></h1></header>
+                        <header><h1><?= $this->getHtml('PaymentTerm'); ?></h1></header>
                         <div class="inner">
                             <form>
                                 <table class="layout w-100">
-                                    <tr><td><label for="iSource"><?= $this->getText('ID') ?></label>
+                                    <tr><td><label for="iSource"><?= $this->getHtml('ID'); ?></label>
                                     <tr><td><span class="input"><button type="button" formaction=""><i class="fa fa-book"></i></button><input id="iSource" name="source" type="text" placeholder=""></span>
-                                    <tr><td><label for="iSegment"><?= $this->getText('Segment') ?></label>
+                                    <tr><td><label for="iSegment"><?= $this->getHtml('Segment'); ?></label>
                                     <tr><td><input id="iSegment" name="segment" type="text" placeholder="">
-                                    <tr><td><label for="iProductgroup"><?= $this->getText('Productgroup') ?></label>
+                                    <tr><td><label for="iProductgroup"><?= $this->getHtml('Productgroup'); ?></label>
                                     <tr><td><input id="iProductgroup" name="productgroup" type="text" placeholder="">
-                                    <tr><td><label for="iGroup"><?= $this->getText('Group') ?></label>
+                                    <tr><td><label for="iGroup"><?= $this->getHtml('Group'); ?></label>
                                     <tr><td><input id="iGroup" name="group" type="text" placeholder="">
-                                    <tr><td><label for="iArticlegroup"><?= $this->getText('Articlegroup') ?></label>
+                                    <tr><td><label for="iArticlegroup"><?= $this->getHtml('Articlegroup'); ?></label>
                                     <tr><td><input id="iArticlegroup" name="articlegroup" type="text" placeholder="">
-                                    <tr><td><label for="iTerm"><?= $this->getText('Type') ?></label>
+                                    <tr><td><label for="iTerm"><?= $this->getHtml('Type'); ?></label>
                                     <tr><td><select id="iTerm" name="term" required>
                                                 <option>
                                             </select>
-                                    <tr><td><span class="check"><input type="checkbox" id="iFreightage" name="freightage"><label for="iFreightage"><?= $this->getText('Freightage') ?></label></span>
-                                    <tr><td colspan="2"><input type="submit" value="<?= $this->getText('Add', 0, 0) ?>">
+                                    <tr><td><span class="check"><input type="checkbox" id="iFreightage" name="freightage"><label for="iFreightage"><?= $this->getHtml('Freightage'); ?></label></span>
+                                    <tr><td colspan="2"><input type="submit" value="<?= $this->getHtml('Add', 0, 0); ?>">
                                 </table>
                             </form>
                         </div>
@@ -161,16 +161,16 @@ echo $this->getData('nav')->render(); ?>
             <div class="row">
                 <div class="col-xs-12 col-md-6 col-lg-4">
                     <section class="box wf-100">
-                        <header><h1><?= $this->getText('Payment') ?></h1></header>
+                        <header><h1><?= $this->getHtml('Payment'); ?></h1></header>
                         <div class="inner">
                             <form>
                                 <table class="layout w-100">
-                                    <tr><td><label for="iACType"><?= $this->getText('Type'); ?></label>
+                                    <tr><td><label for="iACType"><?= $this->getHtml('Type') ?></label>
                                     <tr><td><select id="iACType" name="actype">
-                                                <option><?= $this->getText('Wire'); ?>
-                                                <option><?= $this->getText('Creditcard'); ?>
+                                                <option><?= $this->getHtml('Wire') ?>
+                                                <option><?= $this->getHtml('Creditcard') ?>
                                             </select>
-                                    <tr><td colspan="2"><input type="submit" value="<?= $this->getText('Add', 0, 0) ?>">
+                                    <tr><td colspan="2"><input type="submit" value="<?= $this->getHtml('Add', 0, 0); ?>">
                                 </table>
                             </form>
                         </div>
@@ -183,36 +183,36 @@ echo $this->getData('nav')->render(); ?>
             <div class="row">
                 <div class="col-xs-12 col-md-6 col-lg-4">
                     <section class="box wf-100">
-                        <header><h1><?= $this->getText('Price') ?></h1></header>
+                        <header><h1><?= $this->getHtml('Price'); ?></h1></header>
                         <div class="inner">
                             <form action="<?= \phpOMS\Uri\UriFactory::build('{/base}/{/lang}/api/...'); ?>" method="post">
                                 <table class="layout wf-100">
                                     <tbody>
-                                    <tr><td colspan="2"><label for="iPType"><?= $this->getText('Type') ?></label>
+                                    <tr><td colspan="2"><label for="iPType"><?= $this->getHtml('Type'); ?></label>
                                     <tr><td><select id="iPType" name="ptye">
                                                 <option>
                                             </select><td>
-                                    <tr><td><label for="iSource"><?= $this->getText('ID') ?></label>
+                                    <tr><td><label for="iSource"><?= $this->getHtml('ID'); ?></label>
                                     <tr><td><span class="input"><button type="button" formaction=""><i class="fa fa-book"></i></button><input id="iSource" name="source" type="text" placeholder=""></span>
-                                    <tr><td><label for="iSegment"><?= $this->getText('Segment') ?></label>
+                                    <tr><td><label for="iSegment"><?= $this->getHtml('Segment'); ?></label>
                                     <tr><td><input id="iSegment" name="segment" type="text" placeholder="">
-                                    <tr><td><label for="iProductgroup"><?= $this->getText('Productgroup') ?></label>
+                                    <tr><td><label for="iProductgroup"><?= $this->getHtml('Productgroup'); ?></label>
                                     <tr><td><input id="iProductgroup" name="productgroup" type="text" placeholder="">
-                                    <tr><td><label for="iGroup"><?= $this->getText('Group') ?></label>
+                                    <tr><td><label for="iGroup"><?= $this->getHtml('Group'); ?></label>
                                     <tr><td><input id="iGroup" name="group" type="text" placeholder="">
-                                    <tr><td><label for="iArticlegroup"><?= $this->getText('Articlegroup') ?></label>
+                                    <tr><td><label for="iArticlegroup"><?= $this->getHtml('Articlegroup'); ?></label>
                                     <tr><td><input id="iArticlegroup" name="articlegroup" type="text" placeholder="">
-                                    <tr><td><label for="iPQuantity"><?= $this->getText('Quantity') ?></label>
+                                    <tr><td><label for="iPQuantity"><?= $this->getHtml('Quantity'); ?></label>
                                     <tr><td><input id="iPQuantity" name="quantity" type="text" placeholder=""><td>
-                                    <tr><td><label for="iPrice"><?= $this->getText('Price') ?></label>
+                                    <tr><td><label for="iPrice"><?= $this->getHtml('Price'); ?></label>
                                     <tr><td><input id="iPrice" name="price" type="number" step="any" min="0" placeholder=""><td>
-                                    <tr><td><label for="iDiscount"><?= $this->getText('Discount') ?></label>
+                                    <tr><td><label for="iDiscount"><?= $this->getHtml('Discount'); ?></label>
                                     <tr><td><input id="iDiscount" name="discount" type="number" step="any" min="0" placeholder=""><td>
-                                    <tr><td><label for="iDiscount"><?= $this->getText('DiscountP') ?></label>
+                                    <tr><td><label for="iDiscount"><?= $this->getHtml('DiscountP'); ?></label>
                                     <tr><td><input id="iDiscountP" name="discountp" type="number" step="any" min="0" placeholder=""><td>
-                                    <tr><td><label for="iBonus"><?= $this->getText('Bonus') ?></label>
+                                    <tr><td><label for="iBonus"><?= $this->getHtml('Bonus'); ?></label>
                                     <tr><td><input id="iBonus" name="bonus" type="number" step="any" min="0" placeholder=""><td>
-                                    <tr><td><input type="submit" value="<?= $this->getText('Add', 0, 0) ?>">
+                                    <tr><td><input type="submit" value="<?= $this->getHtml('Add', 0, 0); ?>">
                                 </table>
                             </form>
                         </div>
@@ -225,24 +225,24 @@ echo $this->getData('nav')->render(); ?>
             <div class="row">
                 <div class="col-xs-12 col-md-6 col-lg-4">
                     <section class="box wf-100">
-                        <header><h1><?= $this->getText('AreaManager') ?></h1></header>
+                        <header><h1><?= $this->getHtml('AreaManager'); ?></h1></header>
                         <div class="inner">
                             <form action="<?= \phpOMS\Uri\UriFactory::build('{/base}/{/lang}/api/...'); ?>" method="post">
                                 <table class="layout wf-100">
                                     <tbody>
-                                    <tr><td><label for="iManager"><?= $this->getText('AreaManager') ?></label>
+                                    <tr><td><label for="iManager"><?= $this->getHtml('AreaManager'); ?></label>
                                     <tr><td><span class="input"><button type="button" formaction=""><i class="fa fa-book"></i></button><input id="iManager" name="source" type="text" placeholder=""></span>
-                                    <tr><td><label for="iSource"><?= $this->getText('ID') ?></label>
+                                    <tr><td><label for="iSource"><?= $this->getHtml('ID'); ?></label>
                                     <tr><td><span class="input"><button type="button" formaction=""><i class="fa fa-book"></i></button><input id="iSource" name="source" type="text" placeholder=""></span>
-                                    <tr><td><label for="iSegment"><?= $this->getText('Segment') ?></label>
+                                    <tr><td><label for="iSegment"><?= $this->getHtml('Segment'); ?></label>
                                     <tr><td><input id="iSegment" name="segment" type="text" placeholder="">
-                                    <tr><td><label for="iProductgroup"><?= $this->getText('Productgroup') ?></label>
+                                    <tr><td><label for="iProductgroup"><?= $this->getHtml('Productgroup'); ?></label>
                                     <tr><td><input id="iProductgroup" name="productgroup" type="text" placeholder="">
-                                    <tr><td><label for="iGroup"><?= $this->getText('Group') ?></label>
+                                    <tr><td><label for="iGroup"><?= $this->getHtml('Group'); ?></label>
                                     <tr><td><input id="iGroup" name="group" type="text" placeholder="">
-                                    <tr><td><label for="iArticlegroup"><?= $this->getText('Articlegroup') ?></label>
+                                    <tr><td><label for="iArticlegroup"><?= $this->getHtml('Articlegroup'); ?></label>
                                     <tr><td><input id="iArticlegroup" name="articlegroup" type="text" placeholder="">
-                                    <tr><td><input type="submit" value="<?= $this->getText('Add', 0, 0) ?>">
+                                    <tr><td><input type="submit" value="<?= $this->getHtml('Add', 0, 0); ?>">
                                 </table>
                             </form>
                         </div>
@@ -265,24 +265,24 @@ echo $this->getData('nav')->render(); ?>
             ?>
                     <div class="box wf-100">
                         <table class="table red">
-                            <caption><?= $this->getText('Logs') ?></caption>
+                            <caption><?= $this->getHtml('Logs'); ?></caption>
                             <thead>
                             <tr>
                                 <td>IP
-                                <td><?= $this->getText('ID', 0, 0); ?>
-                                <td><?= $this->getText('Name'); ?>
-                                <td class="wf-100"><?= $this->getText('Log'); ?>
-                                <td><?= $this->getText('Date'); ?>
+                                <td><?= $this->getHtml('ID', 0, 0); ?>
+                                <td><?= $this->getHtml('Name') ?>
+                                <td class="wf-100"><?= $this->getHtml('Log') ?>
+                                <td><?= $this->getHtml('Date') ?>
                             <tfoot>
                             <tr>
-                                <td colspan="6"><?= $footerView->render(); ?>
+                                <td colspan="6"><?= htmlspecialchars($footerView->render(), ENT_COMPAT, 'utf-8'); ?>
                             <tbody>
                             <tr>
-                                <td><?= $this->request->getOrigin(); ?>
-                                <td><?= $this->request->getAccount(); ?>
-                                <td><?= $this->request->getAccount(); ?>
+                                <td><?= htmlspecialchars($this->request->getOrigin(), ENT_COMPAT, 'utf-8'); ?>
+                                <td><?= htmlspecialchars($this->request->getAccount(), ENT_COMPAT, 'utf-8'); ?>
+                                <td><?= htmlspecialchars($this->request->getAccount(), ENT_COMPAT, 'utf-8'); ?>
                                 <td>Creating customer
-                                <td><?= (new \DateTime('now'))->format('Y-m-d H:i:s') ?>
+                                <td><?= htmlspecialchars((new \DateTime('now'))->format('Y-m-d H:i:s') , ENT_COMPAT, 'utf-8'); ?>
                         </table>
                     </div>
                 </div>
diff --git a/Theme/Backend/clients-list.tpl.php b/Theme/Backend/clients-list.tpl.php
index 2e7579e..2de1324 100644
--- a/Theme/Backend/clients-list.tpl.php
+++ b/Theme/Backend/clients-list.tpl.php
@@ -24,35 +24,35 @@ echo $this->getData('nav')->render(); ?>
 
 <!-- Hover may be better here?!?!?!
 <section class="box w-100">
-    <header><h1><?= $this->getText('Client') ?></h1></header>
+    <header><h1><?= $this->getHtml('Client'); ?></h1></header>
     <div class="inner floatLeft wf-100">
         <form class="wf-33 floatLeft">
             <table class="layout w-100">
-                <tr><td><label for="iName1"><?= $this->getText('Name1'); ?></label>
+                <tr><td><label for="iName1"><?= $this->getHtml('Name1') ?></label>
                 <tr><td><input type="text" id="iName1" disabled>
-                <tr><td><label for="iName2"><?= $this->getText('Name2'); ?></label>
+                <tr><td><label for="iName2"><?= $this->getHtml('Name2') ?></label>
                 <tr><td><input type="text" id="iName2" disabled>
-                <tr><td><label for="iName3"><?= $this->getText('Name3'); ?></label>
+                <tr><td><label for="iName3"><?= $this->getHtml('Name3') ?></label>
                 <tr><td><input type="text" id="iName3" disabled>
             </table>
         </form>
         <form class="wf-33 floatLeft">
             <table class="layout w-100">
-                <tr><td><label for="iAddress"><?= $this->getText('Address'); ?></label>
+                <tr><td><label for="iAddress"><?= $this->getHtml('Address') ?></label>
                 <tr><td><input type="text" id="iAddress" disabled>
-                <tr><td><label for="iZip"><?= $this->getText('Zip'); ?></label>
+                <tr><td><label for="iZip"><?= $this->getHtml('Zip') ?></label>
                 <tr><td><input type="text" id="iZip" disabled>
-                <tr><td><label for="iCountry"><?= $this->getText('Country'); ?></label>
+                <tr><td><label for="iCountry"><?= $this->getHtml('Country') ?></label>
                 <tr><td><input type="text" id="iCountry" disabled>
             </table>
         </form>
         <form class="wf-33 floatLeft">
             <table class="layout w-100">
-                <tr><td><label for="iPhone"><?= $this->getText('Phone'); ?></label>
+                <tr><td><label for="iPhone"><?= $this->getHtml('Phone') ?></label>
                 <tr><td><input type="text" id="iPhone" disabled>
-                <tr><td><label for="iFax"><?= $this->getText('Fax'); ?></label>
+                <tr><td><label for="iFax"><?= $this->getHtml('Fax') ?></label>
                 <tr><td><input type="text" id="iFax" disabled>
-                <tr><td><label for="iEmail"><?= $this->getText('Email'); ?></label>
+                <tr><td><label for="iEmail"><?= $this->getHtml('Email') ?></label>
                 <tr><td><input type="text" id="iEmail" disabled>
             </table>
         </form>
@@ -64,35 +64,35 @@ echo $this->getData('nav')->render(); ?>
     <div class="col-xs-12">
         <div class="box wf-100">
             <table class="table red">
-                <caption><?= $this->getText('Clients') ?></caption>
+                <caption><?= $this->getHtml('Clients'); ?></caption>
                 <thead>
                 <tr>
-                    <td><?= $this->getText('ID', 0, 0); ?>
-                    <td><?= $this->getText('Name1'); ?>
-                    <td><?= $this->getText('Name2'); ?>
-                    <td class="wf-100"><?= $this->getText('Name3'); ?>
-                    <td><?= $this->getText('City'); ?>
-                    <td><?= $this->getText('Zip'); ?>
-                    <td><?= $this->getText('Address'); ?>
-                    <td><?= $this->getText('Country'); ?>
+                    <td><?= $this->getHtml('ID', 0, 0); ?>
+                    <td><?= $this->getHtml('Name1') ?>
+                    <td><?= $this->getHtml('Name2') ?>
+                    <td class="wf-100"><?= $this->getHtml('Name3') ?>
+                    <td><?= $this->getHtml('City') ?>
+                    <td><?= $this->getHtml('Zip') ?>
+                    <td><?= $this->getHtml('Address') ?>
+                    <td><?= $this->getHtml('Country') ?>
                 <tfoot>
                 <tr>
-                    <td colspan="8"><?= $footerView->render(); ?>
+                    <td colspan="8"><?= htmlspecialchars($footerView->render(), ENT_COMPAT, 'utf-8'); ?>
                 <tbody>
                 <?php $count = 0; foreach($clients as $key => $value) : $count++; 
                  $url = \phpOMS\Uri\UriFactory::build('{/base}/{/lang}/backend/sales/client/profile?{?}&id=' . $value->getId()); ?>
                 <tr>
-                    <td><a href="<?= $url; ?>"><?= $value->getNumber(); ?></a>
-                    <td><a href="<?= $url; ?>"><?= $value->getProfile()->getAccount()->getName1(); ?></a>
-                    <td><a href="<?= $url; ?>"><?= $value->getProfile()->getAccount()->getName2(); ?></a>
-                    <td><a href="<?= $url; ?>"><?= $value->getProfile()->getAccount()->getName3(); ?></a>
+                    <td><a href="<?= $url; ?>"><?= htmlspecialchars($value->getNumber(), ENT_COMPAT, 'utf-8'); ?></a>
+                    <td><a href="<?= $url; ?>"><?= htmlspecialchars($value->getProfile()->getAccount()->getName1(), ENT_COMPAT, 'utf-8'); ?></a>
+                    <td><a href="<?= $url; ?>"><?= htmlspecialchars($value->getProfile()->getAccount()->getName2(), ENT_COMPAT, 'utf-8'); ?></a>
+                    <td><a href="<?= $url; ?>"><?= htmlspecialchars($value->getProfile()->getAccount()->getName3(), ENT_COMPAT, 'utf-8'); ?></a>
                     <td>
                     <td>
                     <td>
                     <td>
                 <?php endforeach; ?>
                 <?php if($count === 0) : ?>
-                <tr><td colspan="8" class="empty"><?= $this->getText('Empty', 0, 0); ?>
+                <tr><td colspan="8" class="empty"><?= $this->getHtml('Empty', 0, 0); ?>
                         <?php endif; ?>
             </table>
         </div>
diff --git a/Theme/Backend/clients-profile.tpl.php b/Theme/Backend/clients-profile.tpl.php
index d442a64..adac06f 100644
--- a/Theme/Backend/clients-profile.tpl.php
+++ b/Theme/Backend/clients-profile.tpl.php
@@ -23,15 +23,15 @@ echo $this->getData('nav')->render();
 <div class="tabular-2">
     <div class="box">
         <ul class="tab-links">
-            <li><label for="c-tab-1"><?= $this->getText('Master') ?></label></li>
-            <li><label for="c-tab-2"><?= $this->getText('Contact') ?></label></li>
-            <li><label for="c-tab-3"><?= $this->getText('Addresses') ?></label></li>
-            <li><label for="c-tab-4"><?= $this->getText('PaymentTerm') ?></label></li>
-            <li><label for="c-tab-5"><?= $this->getText('Payment') ?></label></li>
-            <li><label for="c-tab-6"><?= $this->getText('Prices') ?></label></li>
-            <li><label for="c-tab-7"><?= $this->getText('AreaManager') ?></label></li>
-            <li><label for="c-tab-8"><?= $this->getText('Files') ?></label></li>
-            <li><label for="c-tab-9"><?= $this->getText('Logs') ?></label>
+            <li><label for="c-tab-1"><?= $this->getHtml('Master'); ?></label></li>
+            <li><label for="c-tab-2"><?= $this->getHtml('Contact'); ?></label></li>
+            <li><label for="c-tab-3"><?= $this->getHtml('Addresses'); ?></label></li>
+            <li><label for="c-tab-4"><?= $this->getHtml('PaymentTerm'); ?></label></li>
+            <li><label for="c-tab-5"><?= $this->getHtml('Payment'); ?></label></li>
+            <li><label for="c-tab-6"><?= $this->getHtml('Prices'); ?></label></li>
+            <li><label for="c-tab-7"><?= $this->getHtml('AreaManager'); ?></label></li>
+            <li><label for="c-tab-8"><?= $this->getHtml('Files'); ?></label></li>
+            <li><label for="c-tab-9"><?= $this->getHtml('Logs'); ?></label>
         </ul>
     </div>
     <div class="tab-content">
@@ -40,19 +40,19 @@ echo $this->getData('nav')->render();
             <div class="row">
                 <div class="col-xs-12 col-md-6 col-lg-4">
                     <section class="box wf-100">
-                        <header><h1><?= $this->getText('Client') ?></h1></header>
+                        <header><h1><?= $this->getHtml('Client'); ?></h1></header>
                         <div class="inner">
                             <form>
                                 <table class="layout w-100">
-                                    <tr><td><label for="iId"><?= $this->getText('ID', 0, 0); ?></label>
-                                    <tr><td><span class="input"><button type="button" formaction=""><i class="fa fa-book"></i></button><input type="number" id="iId" min="1" name="id" value="<?= $client->getNumber(); ?>" disabled></span>
-                                    <tr><td><label for="iName1"><?= $this->getText('Name1'); ?></label>
-                                    <tr><td><input type="text" id="iName1" name="name1" placeholder="&#xf040;" value="<?= $client->getProfile()->getAccount()->getName1(); ?>" required>
-                                    <tr><td><label for="iName2"><?= $this->getText('Name2'); ?></label>
-                                    <tr><td><input type="text" id="iName2" name="name2" value="<?= $client->getProfile()->getAccount()->getName2(); ?>" placeholder="&#xf040;">
-                                    <tr><td><label for="iName3"><?= $this->getText('Name3'); ?></label>
-                                    <tr><td><input type="text" id="iName3" name="name3" value="<?= $client->getProfile()->getAccount()->getName3(); ?>" placeholder="&#xf040;">
-                                    <tr><td colspan="2"><input type="submit" value="<?= $this->getText('Save', 0, 0); ?>"> <input type="submit" value="<?= $this->getText('Delete', 0, 0); ?>">
+                                    <tr><td><label for="iId"><?= $this->getHtml('ID', 0, 0); ?></label>
+                                    <tr><td><span class="input"><button type="button" formaction=""><i class="fa fa-book"></i></button><input type="number" id="iId" min="1" name="id" value="<?= htmlspecialchars($client->getNumber(), ENT_COMPAT, 'utf-8'); ?>" disabled></span>
+                                    <tr><td><label for="iName1"><?= $this->getHtml('Name1') ?></label>
+                                    <tr><td><input type="text" id="iName1" name="name1" placeholder="&#xf040;" value="<?= htmlspecialchars($client->getProfile()->getAccount()->getName1(), ENT_COMPAT, 'utf-8'); ?>" required>
+                                    <tr><td><label for="iName2"><?= $this->getHtml('Name2') ?></label>
+                                    <tr><td><input type="text" id="iName2" name="name2" value="<?= htmlspecialchars($client->getProfile()->getAccount()->getName2(), ENT_COMPAT, 'utf-8'); ?>" placeholder="&#xf040;">
+                                    <tr><td><label for="iName3"><?= $this->getHtml('Name3') ?></label>
+                                    <tr><td><input type="text" id="iName3" name="name3" value="<?= htmlspecialchars($client->getProfile()->getAccount()->getName3(), ENT_COMPAT, 'utf-8'); ?>" placeholder="&#xf040;">
+                                    <tr><td colspan="2"><input type="submit" value="<?= $this->getHtml('Save', 0, 0); ?>"> <input type="submit" value="<?= $this->getHtml('Delete', 0, 0); ?>">
                                 </table>
                             </form>
                         </div>
@@ -65,29 +65,29 @@ echo $this->getData('nav')->render();
             <div class="row">
                 <div class="col-xs-12 col-md-6 col-lg-4">
                     <section class="box wf-100">
-                        <header><h1><?= $this->getText('Contact') ?></h1></header>
+                        <header><h1><?= $this->getHtml('Contact'); ?></h1></header>
                         <div class="inner">
                             <form>
                                 <table class="layout w-100">
-                                    <tr><td><label for="iCType"><?= $this->getText('Type'); ?></label>
+                                    <tr><td><label for="iCType"><?= $this->getHtml('Type') ?></label>
                                     <tr><td><select id="iCType" name="actype">
-                                                <option><?= $this->getText('Email'); ?>
-                                                <option><?= $this->getText('Fax'); ?>
-                                                <option><?= $this->getText('Phone'); ?>
+                                                <option><?= $this->getHtml('Email') ?>
+                                                <option><?= $this->getHtml('Fax') ?>
+                                                <option><?= $this->getHtml('Phone') ?>
                                             </select>
-                                    <tr><td><label for="iCStype"><?= $this->getText('Subtype'); ?></label>
+                                    <tr><td><label for="iCStype"><?= $this->getHtml('Subtype') ?></label>
                                     <tr><td><select id="iCStype" name="acstype">
-                                                <option><?= $this->getText('Office'); ?>
-                                                <option><?= $this->getText('Sales'); ?>
-                                                <option><?= $this->getText('Purchase'); ?>
-                                                <option><?= $this->getText('Accounting'); ?>
-                                                <option><?= $this->getText('Support'); ?>
+                                                <option><?= $this->getHtml('Office') ?>
+                                                <option><?= $this->getHtml('Sales') ?>
+                                                <option><?= $this->getHtml('Purchase') ?>
+                                                <option><?= $this->getHtml('Accounting') ?>
+                                                <option><?= $this->getHtml('Support') ?>
                                             </select>
-                                    <tr><td><label for="iCInfo"><?= $this->getText('Info'); ?></label>
+                                    <tr><td><label for="iCInfo"><?= $this->getHtml('Info') ?></label>
                                     <tr><td><input type="text" id="iCInfo" name="cinfo">
-                                    <tr><td><label for="iCData"><?= $this->getText('Contact'); ?></label>
+                                    <tr><td><label for="iCData"><?= $this->getHtml('Contact') ?></label>
                                     <tr><td><input type="text" id="iCData" name="cdata">
-                                    <tr><td colspan="2"><input type="submit" value="<?= $this->getText('Add', 0, 0) ?>">
+                                    <tr><td colspan="2"><input type="submit" value="<?= $this->getHtml('Add', 0, 0); ?>">
                                 </table>
                             </form>
                         </div>
@@ -100,26 +100,26 @@ echo $this->getData('nav')->render();
             <div class="row">
                 <div class="col-xs-12 col-md-6 col-lg-4">
                     <section class="box wf-100">
-                        <header><h1><?= $this->getText('Address') ?></h1></header>
+                        <header><h1><?= $this->getHtml('Address'); ?></h1></header>
                         <div class="inner">
                             <form>
                                 <table class="layout w-100">
-                                    <tr><td><label for="iAType"><?= $this->getText('Type'); ?></label>
+                                    <tr><td><label for="iAType"><?= $this->getHtml('Type') ?></label>
                                     <tr><td><select id="iAType" name="atype">
-                                                <option><?= $this->getText('Default'); ?>
-                                                <option><?= $this->getText('Delivery'); ?>
-                                                <option><?= $this->getText('Invoice'); ?>
+                                                <option><?= $this->getHtml('Default') ?>
+                                                <option><?= $this->getHtml('Delivery') ?>
+                                                <option><?= $this->getHtml('Invoice') ?>
                                             </select>
-                                    <tr><td><label for="iAddress"><?= $this->getText('Address'); ?></label>
+                                    <tr><td><label for="iAddress"><?= $this->getHtml('Address') ?></label>
                                     <tr><td><input type="text" id="iAddress" name="address">
-                                    <tr><td><label for="iZip"><?= $this->getText('Zip'); ?></label>
+                                    <tr><td><label for="iZip"><?= $this->getHtml('Zip') ?></label>
                                     <tr><td><input type="text" id="iZip" name="zip">
-                                    <tr><td><label for="iCountry"><?= $this->getText('Country'); ?></label>
+                                    <tr><td><label for="iCountry"><?= $this->getHtml('Country') ?></label>
                                     <tr><td><input type="text" id="iCountry" name="country">
-                                    <tr><td><label for="iAInfo"><?= $this->getText('Info'); ?></label>
+                                    <tr><td><label for="iAInfo"><?= $this->getHtml('Info') ?></label>
                                     <tr><td><input type="text" id="iAInfo" name="ainfo">
-                                    <tr><td><span class="check"><input type="checkbox" id="iDefault" name="default" checked><label for="iDefault"><?= $this->getText('IsDefault'); ?></label></span>
-                                    <tr><td colspan="2"><input type="submit" value="<?= $this->getText('Add', 0, 0) ?>">
+                                    <tr><td><span class="check"><input type="checkbox" id="iDefault" name="default" checked><label for="iDefault"><?= $this->getHtml('IsDefault') ?></label></span>
+                                    <tr><td colspan="2"><input type="submit" value="<?= $this->getHtml('Add', 0, 0); ?>">
                                 </table>
                             </form>
                         </div>
@@ -132,26 +132,26 @@ echo $this->getData('nav')->render();
             <div class="row">
                 <div class="col-xs-12 col-md-6 col-lg-4">
                     <section class="box wf-100">
-                        <header><h1><?= $this->getText('PaymentTerm') ?></h1></header>
+                        <header><h1><?= $this->getHtml('PaymentTerm'); ?></h1></header>
                         <div class="inner">
                             <form>
                                 <table class="layout w-100">
-                                    <tr><td><label for="iSource"><?= $this->getText('ID') ?></label>
+                                    <tr><td><label for="iSource"><?= $this->getHtml('ID'); ?></label>
                                     <tr><td><span class="input"><button type="button" formaction=""><i class="fa fa-book"></i></button><input id="iSource" name="source" type="text" placeholder=""></span>
-                                    <tr><td><label for="iSegment"><?= $this->getText('Segment') ?></label>
+                                    <tr><td><label for="iSegment"><?= $this->getHtml('Segment'); ?></label>
                                     <tr><td><input id="iSegment" name="segment" type="text" placeholder="">
-                                    <tr><td><label for="iProductgroup"><?= $this->getText('Productgroup') ?></label>
+                                    <tr><td><label for="iProductgroup"><?= $this->getHtml('Productgroup'); ?></label>
                                     <tr><td><input id="iProductgroup" name="productgroup" type="text" placeholder="">
-                                    <tr><td><label for="iGroup"><?= $this->getText('Group') ?></label>
+                                    <tr><td><label for="iGroup"><?= $this->getHtml('Group'); ?></label>
                                     <tr><td><input id="iGroup" name="group" type="text" placeholder="">
-                                    <tr><td><label for="iArticlegroup"><?= $this->getText('Articlegroup') ?></label>
+                                    <tr><td><label for="iArticlegroup"><?= $this->getHtml('Articlegroup'); ?></label>
                                     <tr><td><input id="iArticlegroup" name="articlegroup" type="text" placeholder="">
-                                    <tr><td><label for="iTerm"><?= $this->getText('Type') ?></label>
+                                    <tr><td><label for="iTerm"><?= $this->getHtml('Type'); ?></label>
                                     <tr><td><select id="iTerm" name="term" required>
                                                 <option>
                                             </select>
-                                    <tr><td><span class="check"><input type="checkbox" id="iFreightage" name="freightage"><label for="iFreightage"><?= $this->getText('Freightage') ?></label></span>
-                                    <tr><td colspan="2"><input type="submit" value="<?= $this->getText('Add', 0, 0) ?>">
+                                    <tr><td><span class="check"><input type="checkbox" id="iFreightage" name="freightage"><label for="iFreightage"><?= $this->getHtml('Freightage'); ?></label></span>
+                                    <tr><td colspan="2"><input type="submit" value="<?= $this->getHtml('Add', 0, 0); ?>">
                                 </table>
                             </form>
                         </div>
@@ -164,16 +164,16 @@ echo $this->getData('nav')->render();
             <div class="row">
                 <div class="col-xs-12 col-md-6 col-lg-4">
                     <section class="box wf-100">
-                        <header><h1><?= $this->getText('Payment') ?></h1></header>
+                        <header><h1><?= $this->getHtml('Payment'); ?></h1></header>
                         <div class="inner">
                             <form>
                                 <table class="layout w-100">
-                                    <tr><td><label for="iACType"><?= $this->getText('Type'); ?></label>
+                                    <tr><td><label for="iACType"><?= $this->getHtml('Type') ?></label>
                                     <tr><td><select id="iACType" name="actype">
-                                                <option><?= $this->getText('Wire'); ?>
-                                                <option><?= $this->getText('Creditcard'); ?>
+                                                <option><?= $this->getHtml('Wire') ?>
+                                                <option><?= $this->getHtml('Creditcard') ?>
                                             </select>
-                                    <tr><td colspan="2"><input type="submit" value="<?= $this->getText('Add', 0, 0) ?>">
+                                    <tr><td colspan="2"><input type="submit" value="<?= $this->getHtml('Add', 0, 0); ?>">
                                 </table>
                             </form>
                         </div>
@@ -186,36 +186,36 @@ echo $this->getData('nav')->render();
             <div class="row">
                 <div class="col-xs-12 col-md-6 col-lg-4">
                     <section class="box wf-100">
-                        <header><h1><?= $this->getText('Price') ?></h1></header>
+                        <header><h1><?= $this->getHtml('Price'); ?></h1></header>
                         <div class="inner">
                             <form action="<?= \phpOMS\Uri\UriFactory::build('{/base}/{/lang}/api/...'); ?>" method="post">
                                 <table class="layout wf-100">
                                     <tbody>
-                                    <tr><td colspan="2"><label for="iPType"><?= $this->getText('Type') ?></label>
+                                    <tr><td colspan="2"><label for="iPType"><?= $this->getHtml('Type'); ?></label>
                                     <tr><td><select id="iPType" name="ptye">
                                                 <option>
                                             </select><td>
-                                    <tr><td><label for="iSource"><?= $this->getText('ID') ?></label>
+                                    <tr><td><label for="iSource"><?= $this->getHtml('ID'); ?></label>
                                     <tr><td><span class="input"><button type="button" formaction=""><i class="fa fa-book"></i></button><input id="iSource" name="source" type="text" placeholder=""></span>
-                                    <tr><td><label for="iSegment"><?= $this->getText('Segment') ?></label>
+                                    <tr><td><label for="iSegment"><?= $this->getHtml('Segment'); ?></label>
                                     <tr><td><input id="iSegment" name="segment" type="text" placeholder="">
-                                    <tr><td><label for="iProductgroup"><?= $this->getText('Productgroup') ?></label>
+                                    <tr><td><label for="iProductgroup"><?= $this->getHtml('Productgroup'); ?></label>
                                     <tr><td><input id="iProductgroup" name="productgroup" type="text" placeholder="">
-                                    <tr><td><label for="iGroup"><?= $this->getText('Group') ?></label>
+                                    <tr><td><label for="iGroup"><?= $this->getHtml('Group'); ?></label>
                                     <tr><td><input id="iGroup" name="group" type="text" placeholder="">
-                                    <tr><td><label for="iArticlegroup"><?= $this->getText('Articlegroup') ?></label>
+                                    <tr><td><label for="iArticlegroup"><?= $this->getHtml('Articlegroup'); ?></label>
                                     <tr><td><input id="iArticlegroup" name="articlegroup" type="text" placeholder="">
-                                    <tr><td><label for="iPQuantity"><?= $this->getText('Quantity') ?></label>
+                                    <tr><td><label for="iPQuantity"><?= $this->getHtml('Quantity'); ?></label>
                                     <tr><td><input id="iPQuantity" name="quantity" type="text" placeholder=""><td>
-                                    <tr><td><label for="iPrice"><?= $this->getText('Price') ?></label>
+                                    <tr><td><label for="iPrice"><?= $this->getHtml('Price'); ?></label>
                                     <tr><td><input id="iPrice" name="price" type="number" step="any" min="0" placeholder=""><td>
-                                    <tr><td><label for="iDiscount"><?= $this->getText('Discount') ?></label>
+                                    <tr><td><label for="iDiscount"><?= $this->getHtml('Discount'); ?></label>
                                     <tr><td><input id="iDiscount" name="discount" type="number" step="any" min="0" placeholder=""><td>
-                                    <tr><td><label for="iDiscount"><?= $this->getText('DiscountP') ?></label>
+                                    <tr><td><label for="iDiscount"><?= $this->getHtml('DiscountP'); ?></label>
                                     <tr><td><input id="iDiscountP" name="discountp" type="number" step="any" min="0" placeholder=""><td>
-                                    <tr><td><label for="iBonus"><?= $this->getText('Bonus') ?></label>
+                                    <tr><td><label for="iBonus"><?= $this->getHtml('Bonus'); ?></label>
                                     <tr><td><input id="iBonus" name="bonus" type="number" step="any" min="0" placeholder=""><td>
-                                    <tr><td><input type="submit" value="<?= $this->getText('Add', 0, 0) ?>">
+                                    <tr><td><input type="submit" value="<?= $this->getHtml('Add', 0, 0); ?>">
                                 </table>
                             </form>
                         </div>
@@ -228,24 +228,24 @@ echo $this->getData('nav')->render();
             <div class="row">
                 <div class="col-xs-12 col-md-6 col-lg-4">
                     <section class="box wf-100">
-                        <header><h1><?= $this->getText('AreaManager') ?></h1></header>
+                        <header><h1><?= $this->getHtml('AreaManager'); ?></h1></header>
                         <div class="inner">
                             <form action="<?= \phpOMS\Uri\UriFactory::build('{/base}/{/lang}/api/...'); ?>" method="post">
                                 <table class="layout wf-100">
                                     <tbody>
-                                    <tr><td><label for="iManager"><?= $this->getText('AreaManager') ?></label>
+                                    <tr><td><label for="iManager"><?= $this->getHtml('AreaManager'); ?></label>
                                     <tr><td><span class="input"><button type="button" formaction=""><i class="fa fa-book"></i></button><input id="iManager" name="source" type="text" placeholder=""></span>
-                                    <tr><td><label for="iSource"><?= $this->getText('ID') ?></label>
+                                    <tr><td><label for="iSource"><?= $this->getHtml('ID'); ?></label>
                                     <tr><td><span class="input"><button type="button" formaction=""><i class="fa fa-book"></i></button><input id="iSource" name="source" type="text" placeholder=""></span>
-                                    <tr><td><label for="iSegment"><?= $this->getText('Segment') ?></label>
+                                    <tr><td><label for="iSegment"><?= $this->getHtml('Segment'); ?></label>
                                     <tr><td><input id="iSegment" name="segment" type="text" placeholder="">
-                                    <tr><td><label for="iProductgroup"><?= $this->getText('Productgroup') ?></label>
+                                    <tr><td><label for="iProductgroup"><?= $this->getHtml('Productgroup'); ?></label>
                                     <tr><td><input id="iProductgroup" name="productgroup" type="text" placeholder="">
-                                    <tr><td><label for="iGroup"><?= $this->getText('Group') ?></label>
+                                    <tr><td><label for="iGroup"><?= $this->getHtml('Group'); ?></label>
                                     <tr><td><input id="iGroup" name="group" type="text" placeholder="">
-                                    <tr><td><label for="iArticlegroup"><?= $this->getText('Articlegroup') ?></label>
+                                    <tr><td><label for="iArticlegroup"><?= $this->getHtml('Articlegroup'); ?></label>
                                     <tr><td><input id="iArticlegroup" name="articlegroup" type="text" placeholder="">
-                                    <tr><td><input type="submit" value="<?= $this->getText('Add', 0, 0) ?>">
+                                    <tr><td><input type="submit" value="<?= $this->getHtml('Add', 0, 0); ?>">
                                 </table>
                             </form>
                         </div>
@@ -268,24 +268,24 @@ echo $this->getData('nav')->render();
             ?>
                     <div class="box wf-100">
                         <table class="table red">
-                            <caption><?= $this->getText('Logs') ?></caption>
+                            <caption><?= $this->getHtml('Logs'); ?></caption>
                             <thead>
                             <tr>
                                 <td>IP
-                                <td><?= $this->getText('ID', 0, 0); ?>
-                                <td><?= $this->getText('Name'); ?>
-                                <td class="wf-100"><?= $this->getText('Log'); ?>
-                                <td><?= $this->getText('Date'); ?>
+                                <td><?= $this->getHtml('ID', 0, 0); ?>
+                                <td><?= $this->getHtml('Name') ?>
+                                <td class="wf-100"><?= $this->getHtml('Log') ?>
+                                <td><?= $this->getHtml('Date') ?>
                             <tfoot>
                             <tr>
-                                <td colspan="6"><?= $footerView->render(); ?>
+                                <td colspan="6"><?= htmlspecialchars($footerView->render(), ENT_COMPAT, 'utf-8'); ?>
                             <tbody>
                             <tr>
-                                <td><?= $this->request->getOrigin(); ?>
-                                <td><?= $this->request->getAccount(); ?>
-                                <td><?= $this->request->getAccount(); ?>
+                                <td><?= htmlspecialchars($this->request->getOrigin(), ENT_COMPAT, 'utf-8'); ?>
+                                <td><?= htmlspecialchars($this->request->getAccount(), ENT_COMPAT, 'utf-8'); ?>
+                                <td><?= htmlspecialchars($this->request->getAccount(), ENT_COMPAT, 'utf-8'); ?>
                                 <td>Creating customer
-                                <td><?= (new \DateTime('now'))->format('Y-m-d H:i:s') ?>
+                                <td><?= htmlspecialchars((new \DateTime('now'))->format('Y-m-d H:i:s') , ENT_COMPAT, 'utf-8'); ?>
                         </table>
                     </div>
                 </div>

IP -	getText('ID', 0, 0); ?> -	getText('Name'); ?> -	getText('Log'); ?> -	getText('Date'); ?> +	getHtml('ID', 0, 0); ?> +	getHtml('Name') ?> +	getHtml('Log') ?> +	getHtml('Date') ?>
render(); ?> +						render(), ENT_COMPAT, 'utf-8'); ?>
request->getOrigin(); ?> -	request->getAccount(); ?> -	request->getAccount(); ?> +	request->getOrigin(), ENT_COMPAT, 'utf-8'); ?> +	request->getAccount(), ENT_COMPAT, 'utf-8'); ?> +	request->getAccount(), ENT_COMPAT, 'utf-8'); ?>	Creating customer -	format('Y-m-d H:i:s') ?> +	format('Y-m-d H:i:s') , ENT_COMPAT, 'utf-8'); ?>