Inputs on admin pages are imcompletely escaped, then
the escaped values are saved (excpet 'info' property).
This expedient solution have caused following problems:
o Input including `"' breaks HTML formatting.
o `<' is not allowed in admin/user option value (it is
replaced with '<' in many contexts).
o 'info' in admin page might break HTML formatting with
some sort of tags (e.g. '</textarea>').
This patch solve these problems. Always unescaped
value is saved (except '<script>' in 'info') and
escaped only when it is displayed as HTML.