I am trying to embed audio/video content such as youtube links and playlists from imeem.com into my website for each user of their choice.
What are the measures to be taken to display $user_choice_video variable which is retrieved from database!? I am afraid there might be attacks if i dont take proper measures before displaying it and storing it in database. As htmlentities() will not let the video to display, what should i do to avoid any other code rather than audio/video content on the input?? Also what are the measures to be taken while storing the data into the database.
Any help, guidance is appreciated.