Suggestion for naming properties and method parameters to differentiate when they are HTML escaped and not

I suggest renaming all method parameters throughout the Yii framework to include ‘html’ as a suffix or prefix if the method parameter will not be HTML encoded. This should be a trivial task, as renaming a parameter does not change an interface unless the programmer is using black magic reflection.

Also, for new properties of new classes it would be good to have the same suffix or prefix, ‘html’ to remind that the property is not automatically escaped. This can even go further. Rename existing properties, provide an alias for the old name via getter/setter and then deprecate the old name.

Also, for consistency’s sake, properties which do escape their content may have a suffix ‘text’.

For example, consider these method signatures for CHtml:

Before:


public static string link(string $text, mixed $url='#', array $htmlOptions=array ( ))

After:


public static string link(string $html, mixed $url='#', array $htmlOptions=array ( ))

Before:


public static string activeCheckBoxList(CModel $model, string $attribute, array $data, array $htmlOptions=array ( ))

After:


public static string activeCheckBoxList(CModel $model, string $attribute, array $htmlData, array $htmlOptions=array ( ))

Before:


public static string htmlButton(string $label='button', array $htmlOptions=array ( ))

After:


public static string htmlButton(string $html='button', array $htmlOptions=array ( ))

or


public static string htmlButton(string $htmlLabel='button', array $htmlOptions=array ( ))

CHtml::dropDownList():

Before:


$htmlOptions = array('empty' => ... , 'prompt' => ...)

After:


$htmlOptions = array('emptyHtml' => ... , 'promptHtml' => ...)

I don’t think that such a renaming can help to prevent XSS vulnerabilities.

The point is to be careful when we are displaying user input; in that case use CHtml::encode, that’s all.

I don’t see any practical benefit from your suggestion.

Each developer should take care of XSS vulnerabilities himself.

I guess parameter names should be descriptive. It’s the developer’s responsibility to check the API or source for the actual implementation and possible security issues.

Also, your suggestion is, like the vote says, just a reminder. If you forget to encode one field out of 1000, you might still be subject to XSS.
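An added example, not part of the thread and not Yii's own code: it shows the proposed "After" naming on a link helper whose body is emitted unencoded, the caller-side encoding the replies recommend, and a reflection pass that uses the naming convention to list raw-HTML parameters for review. The `Html` class, `rawHtmlParams()` and the sample input are hypothetical stand-ins constructed for illustration; only the parameter names `$html` and `$htmlOptions` come from the thread.

```php
<?php
// Added example: stand-alone stand-ins, not Yii's CHtml source.

final class Html
{
    // Encodes plain text for an HTML context (the role CHtml::encode plays in the thread).
    public static function encode(string $text): string
    {
        return htmlspecialchars($text, ENT_QUOTES, 'UTF-8');
    }

    // "After" naming from the thread: $html is emitted as-is, so the caller
    // must encode any untrusted text before passing it in.
    public static function link(string $html, string $url = '#'): string
    {
        return '<a href="' . self::encode($url) . '">' . $html . '</a>';
    }
}

// Lists parameters whose name marks them as raw HTML (prefix or suffix
// "html", case-insensitive). $htmlOptions is skipped because its name
// already starts with "html" for a different reason.
function rawHtmlParams(string $class, string $method): array
{
    $raw = [];
    foreach ((new ReflectionMethod($class, $method))->getParameters() as $param) {
        $name = $param->getName();
        if ($name !== 'htmlOptions' && preg_match('/^html|html$/i', $name)) {
            $raw[] = $name;
        }
    }
    return $raw;
}

// Constructed sample input standing in for a user-supplied display name.
$userName = 'Bob <script>alert(1)</script>';

// Untrusted text passed straight into the raw-HTML parameter: markup is kept.
$unsafe = Html::link($userName, '/user/7');
// Caller encodes first, so the same input is rendered as inert text.
$safe = Html::link(Html::encode($userName), '/user/7');

echo $unsafe, PHP_EOL, $safe, PHP_EOL;
echo 'raw HTML parameters of Html::link: ',
    implode(', ', rawHtmlParams('Html', 'link')), PHP_EOL;
```

The reflection pass only reports what the names claim; as the last reply points out, a single call site that skips `encode()` is still exposed regardless of how the parameter is named.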