Flags: you got it. : )
html_entity_decode, I think my earlier comment may have led you in the wrong direction. To be clear:
You are displaying this in an HTML page. Anything you want shown as “plain text” should be html-entity encoded. Do not decode it before putting it on your webpage. When you serve un-encoded text to a web browser, the web browser treats it as HTML. HTML entities are the only way the browser knows that it is supposed to be plain text.
What I was talking about earlier were other formats, which are not parsed as HTML. This is not one of those situations. Sorry for the confusion.