While reading this report:
https://github.com/SimpleMachines/SMF2.1/issues/1548
and thinking about the usual fuss about html allowed in many admin settings, I came up with this:
https://github.com/emanuele45/Dialogo/commit/e9b9d3f2c7b530f6abebf0b23193c7f4c967846d
so that, doing this:
https://github.com/emanuele45/Dialogo/commit/7bb15c97df4b8a8e0d31d1954a52b320e06c6554
is enough to sanitize the input.
The 'mask' parameter can accept also an array of sanitation rules or custom stuff (that means you add your own rules instead of the pre-made).
Does it make sense? :P
Its adds a lot more flexibility to the function which is nice ! In the long run a much easier way to deal with those situations.
And I'd say that in 1.1 we should apply this to anything in the admin panel...
Yeah, it's a pain, but use html these fields is no "the right way".