Fix escaping for shortcodes and URLs

[yscik]

Fixes #176

Changes proposed in this Pull Request

• Escape shortcodes in the PHP render callback with [[double_brackets]] syntax.
• Remove escaping // in URLs. Haven't found a case where this would be need, and Syntaxhighlighter handles URLs, with the option to make them clickable

Testing instructions

• See https://codex.wordpress.org/Shortcode_API#Formal_Syntax for shortcode syntax examples. Make sure to use a valid shortcode, like gallery.
• Add various shortcodes to a code block
• Ensure the shortcodes are not replaced on the frontend, but displayed as in the editor
• Ensure code block content remains the same when opening an existing post (no extra escaped/unescaped content, see SyntaxHighlighter Code block: improper encoding/decoding of HTML entities #152 )

[jom]

This seems to fix the shortcode escaping issue, but it introduces a new issue with oembeds for URLs (see comment on original method).

For example, this code sample will output the <iframe...> on the frontend when placed in a code block:

[gallery ids="318,306,289"]

https://www.youtube.com/watch?v=21X5lGlDOfg

This line needs to be here so the end `</pre>` doesn't go on the YouTube line.

Produces this on frontend:

[yscik]

Oh I missed that comment, thanks for the check! Looks like the oembed stuff runs before the block rendering, so I added the escaping back for block save, but restore the URLs in render_callback so links are displayed correctly: df35770

[jom]

Fixes the issue and looks good.