XSS exploit prevention

- Calendar - Show Contents
- Playlist tooltip in Library page
- Adding track to a show
- Widgets
- Playlist/Webstream title and description
- Smart block expansion

airtime_mvc/application/views/scripts/playlist/smart-block.phtml

@@ -39,7 +39,7 @@ if (isset($this->obj)) {
             <a id="playlist_name_display" contenteditable="true">
             <?php
                 if (isset($this->unsavedName)) echo $this->unsavedName;
-                else echo $this->obj->getName();
+                else echo $this->escape($this->obj->getName());
             ?>
             </a>
         </h3>