Pending

SniperSister
21 Apr 2026

Summary of Changes

This PR removes a completely pointless pseudo security-check in the TemplateHelper.

The code was supposed to check the last 256 chars of an uploaded file for HTML tags - which should be removed for various reasons:

  • the code does not work. It's using -1 as offset and will always only return the very last char - and that never matches with the tag blocklist
  • HTML tags are valid content for files in the template manager, because it manages the template overrides
  • the template manager allows adding/editing PHP code, it's "remote code execution" by design - don't worry about <table> tags folks, if someone has access to your PHP files, you are screwed anyways

Why removing it now: AI agents start checking our codebase, that snippet here will very likely cause reports about the wrong offset in file_get_contents.

Testing Instructions

Code review

Actual result BEFORE applying this Pull Request

Code present

Expected result AFTER applying this Pull Request

Code gone

Link to documentations

Please select:

  • Documentation link for guide.joomla.org:

  • No documentation changes for guide.joomla.org needed

  • Pull Request link for manual.joomla.org:

  • No documentation changes for manual.joomla.org needed

SniperSister - open - 21 Apr 2026
SniperSister - change - 21 Apr 2026
Status New Pending
joomla-cms-bot - change - 21 Apr 2026
Category Administration com_templates
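
The offset behaviour the PR describes, as an added example that is not code from the pull request or from Joomla: PHP's file_get_contents counts a negative offset from the end of the file, so an offset of -1 with a length of 256 can return at most one byte. The file content, the tag list and the helper name tailContainsTag are constructed for illustration.

```php
<?php
// Added illustration, not Joomla code. File content and tag list are constructed.
$tmp = tempnam(sys_get_temp_dir(), 'tpl');
file_put_contents(
    $tmp,
    "<?php defined('_JEXEC') or die; ?>\n<table class=\"items\">\n<tr><td>row</td></tr>\n</table>\n"
);

// Hypothetical blocklist standing in for the tag list the PR mentions.
$tags = ['table', 'script', 'iframe'];

// True if the given chunk contains an opening tag from the list.
function tailContainsTag(string $chunk, array $tags): bool
{
    foreach ($tags as $tag) {
        if (stripos($chunk, '<' . $tag . ' ') !== false
            || stripos($chunk, '<' . $tag . '>') !== false) {
            return true;
        }
    }
    return false;
}

// Offset -1 starts one byte before the end of the file (negative offsets
// are supported since PHP 7.1), so the length of 256 has only that byte to read.
$lastByte = file_get_contents($tmp, false, null, -1, 256);

// Reading "the last 256 chars" needs an offset of -256, clamped to the file
// size because seeking before the start of the file fails and returns false.
$size = filesize($tmp);
$tail = file_get_contents($tmp, false, null, -min(256, $size), 256);

printf("offset -1:    %d byte(s) read, tag found: %s\n",
    strlen($lastByte), var_export(tailContainsTag($lastByte, $tags), true));
printf("offset -%d:  %d byte(s) read, tag found: %s\n",
    min(256, $size), strlen($tail), var_export(tailContainsTag($tail, $tags), true));

unlink($tmp);
```

A one-byte string is shorter than any `<tag` pattern, which is why the removed check could never match regardless of what was uploaded.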
