I have a problem !
I'm starting a comment system for my website.
The problem is:
I want to use an HTML editor, but is not fully necesary.
My problem is with the security.
How to secure the user input that i save in database? Because i show that input on my website and i want to prevent xss, sqli and other things like that. But i still want my user to write any char. For example, daniweb uses and HTML EDITOR ( wysiwyg ).