Kill phutil_render_tag()

Summary: Fixes some double escaping.

Test Plan: None.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4945

src/docs/developer/rendering_html.diviner

@@ -168,11 +168,11 @@ following examples are dangerous:
 
   phutil_tag('span', array($evil => $evil2));
 
-  // Use PhutilURI to check if $evil is valid HTTP link.
-  phutil_tag('a', array('href' => $evil));
-
   phutil_tag('span', array('onmouseover' => $evil));
 
+  // Use PhutilURI to check if $evil is valid HTTP link.
+  hsprintf('<a href="%s">', $evil);
+
   hsprintf('<%s>%s</%s>', $evil, $evil2, $evil);
 
   // We have a lint rule disallowing this.