Added includes

doc/book/zend.escaper.escaping-css.md

@@ -8,7 +8,7 @@ hexadecimal escapes.
 
 In most cases developers forget to escape CSS completely:
 
-``` sourceCode
+```php
 <?php header('Content-Type: application/xhtml+xml; charset=UTF-8'); ?>
 <!DOCTYPE html>
 <?php
@@ -39,7 +39,7 @@ attack fairly easily.
 
 By using `escapeCss` method in the CSS context, such attacks can be prevented:
 
-``` sourceCode
+```php
 <?php header('Content-Type: application/xhtml+xml; charset=UTF-8'); ?>
 <!DOCTYPE html>
 <?php

doc/book/zend.escaper.escaping-html-attributes.md

@@ -15,7 +15,7 @@ attribute might be unquoted or quoted illegally.
 
 An example of incorrect HTML attribute escaping:
 
-``` sourceCode
+```php
 <?php header('Content-Type: text/html; charset=UTF-8'); ?>
 <!DOCTYPE html>
 <?php
@@ -53,7 +53,7 @@ element.
 Another example of incorrect HTML attribute escaping can happen when unquoted attributes are used,
 which is, by the way, perfectly valid HTML5:
 
-``` sourceCode
+```php
 <?php header('Content-Type: text/html; charset=UTF-8'); ?>
 <!DOCTYPE html>
 <?php
@@ -88,7 +88,7 @@ The above example shows how it is easy to break out from unquoted attributes in
 
 Both of the previous examples can be avoided by simply using the `escapeHtmlAttr` method:
 
-``` sourceCode
+```php
 <?php header('Content-Type: text/html; charset=UTF-8'); ?>
 <!DOCTYPE html>
 <?php

doc/book/zend.escaper.escaping-html.md

@@ -7,7 +7,7 @@ namely by setting the wrong flags and character encoding.
 For escaping data in the HTML Body context, use `Zend\Escaper\Escaper`'s `escapeHtml` method.
 Internally it uses PHP's `htmlspecialchars`, and additionally correctly sets the flags and encoding.
 
-``` sourceCode
+```php
 // outputting this without escaping would be a bad idea!
 $input = '<script>alert("zf2")</script>';
 
@@ -28,7 +28,7 @@ is served to the client, as it **must be the same** as the encoding used for esc
 
 An example of incorrect usage:
 
-``` sourceCode
+```php
 <?php
 $input = '<script>alert("zf2")</script>';
 $escaper = new Zend\Escaper\Escaper('utf-8');
@@ -52,7 +52,7 @@ $escaper = new Zend\Escaper\Escaper('utf-8');
 
 An example of correct usage:
 
-``` sourceCode
+```php
 <?php
 $input = '<script>alert("zf2")</script>';
 $escaper = new Zend\Escaper\Escaper('utf-8');

doc/book/zend.escaper.escaping-javascript.md

@@ -20,7 +20,7 @@ special characters and entities.
 
 An example of incorrect Javascript escaping:
 
-``` sourceCode
+```php
 <?php header('Content-Type: application/xhtml+xml; charset=UTF-8'); ?>
 <!DOCTYPE html>
 <?php
@@ -54,7 +54,7 @@ not properly escaped for the Javascript context.
 
 By using the `escapeJs` method in the Javascript context, such attacks can be prevented:
 
-``` sourceCode
+```php
 <?php header('Content-Type: text/html; charset=UTF-8'); ?>
 <!DOCTYPE html>
 <?php

doc/book/zend.escaper.escaping-url.md

@@ -9,7 +9,7 @@ URL escaping applies to data being inserted into a URL and not to the whole URL
 
 XSS attacks are easy if data inserted into URLs is not escaped properly:
 
-``` sourceCode
+```php
 <?php header('Content-Type: application/xhtml+xml; charset=UTF-8'); ?>
 <!DOCTYPE html>
 <?php
@@ -32,7 +32,7 @@ INPUT;
 
 By properly escaping data in URLs by using `escapeUrl`, we can prevent XSS attacks:
 
-``` sourceCode
+```php
 <?php header('Content-Type: application/xhtml+xml; charset=UTF-8'); ?>
 <!DOCTYPE html>
 <?php

doc/book/zend.escaper.theory-of-operation.md

@@ -20,7 +20,7 @@ The actual escaping of the data differs between each method, they all have their
 according to which the escaping is done. An example will allow us to clearly demonstrate the
 difference, and how the same characters are being escaped differently between contexts:
 
-``` sourceCode
+```php
 $escaper = new Zend\Escaper\Escaper('utf-8');
 
 // <script>alert("zf2")</script>