PHP nerds, be happy:

PHP chunk in SRC attribute

Update: the pref is now gone, and the whole thing is now automatic, following this suggestion. If an attribute's value contain the chunk <?php, the escaping is not done. I know it should be more intelligent than that, and escape the value's parts outside of the PHP code but that's all I can offer for now. Please don't ask for the <? ... ?> form, I am not going to implement it, it's deprecated.