diff --git a/phpstan.neon b/phpstan.neon
index 1e81ac4b..2b6d45f7 100644
--- a/phpstan.neon
+++ b/phpstan.neon
@@ -39,9 +39,9 @@ parameters:
 		- www/vendor
 	# ignore errores with
 	ignoreErrors:
-		# - # in the class_test tree we allow deprecated calls
-		# 	message: "#^Call to deprecated method #"
-		# 	path: %currentWorkingDirectory%/www/admin/class_test.*.php
+		- # in the class_test tree we allow deprecated calls
+			message: "#^Call to deprecated method #"
+			path: %currentWorkingDirectory%/www/admin/class_test.*.php
 		# - '#Expression in empty\(\) is always falsy.#'
 		# -
 		# 	message: '#Reflection error: [a-zA-Z0-9\\_]+ not found.#'
diff --git a/www/admin/class_test.html.php b/www/admin/class_test.html.php
index 68839e0d..824d662a 100644
--- a/www/admin/class_test.html.php
+++ b/www/admin/class_test.html.php
@@ -68,8 +68,10 @@ $checked_list = [
 	['foo', ['bar']],
 ];
 foreach ($checked_list as $check) {
-	print "CHECKED(0): $check[0]: " . Html::checked($check[1], $check[0]) . "<br>";
-	print "CHECKED(1): $check[0]: " . Html::checked($check[1], $check[0], Html::CHECKED) . "<br>";
+	print "CHECKED(0): " . $check[0] . " -> " . print_r($check[1], true) . ": "
+		. Html::checked($check[1], $check[0]) . "<br>";
+	print "CHECKED(1): " . $check[0] . " -> " . print_r($check[1], true) . ": "
+		. Html::checked($check[1], $check[0], Html::CHECKED) . "<br>";
 }
 
 // magic link creation test
diff --git a/www/lib/CoreLibs/Convert/Html.php b/www/lib/CoreLibs/Convert/Html.php
index 147a6443..2094dc55 100644
--- a/www/lib/CoreLibs/Convert/Html.php
+++ b/www/lib/CoreLibs/Convert/Html.php
@@ -16,16 +16,22 @@ class Html
 	/**
 	 * full wrapper for html entities
 	 *
+	 * uses default params as: ENT_QUOTES | ENT_HTML5
+	 * switches from ENT_HTML401 to ENT_HTML5 as we assume all our pages have <!DOCTYPE html>
+	 * removed: ENT_SUBSTITUTE -> wrong characters will be replaced with space
+	 * encodes in UTF-8
+	 * does not double encode
+	 *
 	 * @param  mixed $string string to html encode
+	 * @param  int   $flags [default: ENT_QUOTES | ENT_HTML5]
 	 * @return mixed         if string, encoded, else as is (eg null)
 	 */
-	public static function htmlent(mixed $string): mixed
+	public static function htmlent(mixed $string, int $flags = ENT_QUOTES | ENT_HTML5): mixed
 	{
 		if (is_string($string)) {
-			return htmlentities($string, ENT_COMPAT | ENT_HTML401, 'UTF-8', false);
-		} else {
-			return $string;
+			return htmlentities($string, $flags, 'UTF-8', false);
 		}
+		return $string;
 	}
 
 	/**
@@ -54,14 +60,10 @@ class Html
 	 */
 	public static function checked(array|string $haystack, string $needle, int $type = 0): ?string
 	{
-		if (is_array($haystack)) {
-			if (in_array($needle, $haystack)) {
-				return $type ? 'checked' : 'selected';
-			}
-		} else {
-			if ($haystack == $needle) {
-				return $type ? 'checked' : 'selected';
-			}
+		if (is_array($haystack) && in_array($needle, $haystack)) {
+			return $type ? 'checked' : 'selected';
+		} elseif (!is_array($haystack) && $haystack == $needle) {
+			return $type ? 'checked' : 'selected';
 		}
 		return null;
 	}