Improve ugly interface for Sanitizer::escapeId()

Improve ugly interface for Sanitizer::escapeId()

Calling it with no extra arguments will now assume that you're escaping
a whole id, not an id fragment, which is safer.  Also, instead of ugly
bitfield-based options, I've changed the options to use an array of
strings.  I fixed all callers in trunk.  Out-of-tree callers that were
using Sanitizer::NONE will get correct behavior, while those that were
calling it with no arguments will get slightly changed behavior (an x
will be prepended).  I think this is harmless enough that we can skip
back-compat cruft here.

This should cause no visible changes.  No parser test regressions.