
Fix HTML injections (#2157)

Minz: Fix HTML injections
Alexandre Alapetite 7 éve
szülő
commit
57fce758f5

+ 1 - 1
app/views/error/index.phtml

@@ -2,7 +2,7 @@
 	<div class="alert alert-error">
 		<h1 class="alert-head"><?php echo $this->code; ?></h1>
 		<p>
-			<?php echo $this->errorMessage; ?><br />
+			<?php echo htmlspecialchars($this->errorMessage, ENT_NOQUOTES, 'UTF-8'); ?><br />
 			<a href="<?php echo _url('index', 'index'); ?>"><?php echo _t('gen.action.back_to_rss_feeds'); ?></a>
 		</p>
 	</div>
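Review bot: The new `htmlspecialchars()` call passes only `ENT_NOQUOTES`, so a message containing an invalid UTF-8 sequence makes the function return an empty string and the error text silently disappears. If the minimum supported PHP version allows it (5.4+), add `ENT_SUBSTITUTE`. `ENT_QUOTES` is also worth adding, so the expression stays safe if it is ever moved into an attribute value: `<?php echo htmlspecialchars($this->errorMessage, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>`. The `$this->code` echo two lines above is still unescaped; it is presumably an integer status code, but it is assigned outside this hunk and should be confirmed.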

+ 1 - 3
lib/Minz/ActionException.php

@@ -1,9 +1,7 @@
 <?php
 class Minz_ActionException extends Minz_Exception {
 	public function __construct ($controller_name, $action_name, $code = self::ERROR) {
-		$message = '`' . $action_name . '` cannot be invoked on `'
-		         . $controller_name . '`';
-
+		$message = 'Invalid action name for controller ' . $controller_name;
 		parent::__construct ($message, $code);
 	}
 }
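Review bot: The replacement `$message` line still concatenates `$controller_name` unchanged, so the exception text is safe only as long as every sink escapes it, as the error view in this commit now does. If that name can come from the request (not visible in this hunk), any other consumer of `getMessage()`, such as a log line or another template, receives it raw, including control characters. Either drop it from the message as `Minz_ControllerNotExistException` does in this same commit, or constrain it first, for example `preg_replace('/[^A-Za-z0-9_]/', '', $controller_name)`. `$action_name` is now unused and deserves a short comment saying it is kept only for signature compatibility.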

+ 1 - 3
lib/Minz/ControllerNotExistException.php

@@ -1,9 +1,7 @@
 <?php
 class Minz_ControllerNotExistException extends Minz_Exception {
 	public function __construct ($controller_name, $code = self::ERROR) {
-		$message = 'Controller `' . $controller_name
-		         . '` doesn\'t exist';
-
+		$message = 'Controller not found!';
 		parent::__construct ($message, $code);
 	}
 }
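Review bot: After this change `$controller_name` is accepted by the constructor but never used, and nothing in the code says why. A one-line comment above the assignment would stop a later maintainer from re-adding the name for diagnostics, for example `// $controller_name is deliberately kept out of the message: it may be request-controlled (see #2157)`. If the lost detail is needed for debugging, it is better recorded at the logging site with escaping suited to that sink than put back into the exception text.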