Add helper function for rendering HTML code

Summary:
This function will allow reducing the number of callsites of
phutil_escape_html().
It will also allow better separation of templates and their data.
It will also reduce the number of potential XSS (like
"<strong>$callsign</strong>") where explicit call of phutil_escape_html() looks
like an overkill.

I will convert some code to this function if it will be accepted.

Test Plan: hsprintf('<td>%s</td>', '<x> & <y>')

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1575