Database for Content - OK to store HTML?

Question

Basic question is - is it safe to store HTML in a database if I restrict who can submit to it?

I have a pretty simple question. I provide video tutorials and other

Answer 1

Storing HTML code is fine. But if it is not from trusted source, you need to check it and allow a secure subset of markup only. HTML Tidy library will help you with that.

Also, you need to count with a future change in website design, so do not use too much markup, only basic tags. To make it look like you want, use global CSS rules and semantically named classes in the markup.

But even better is to use Markdown or another wiki-like syntax. There are nice JS editors for Markdown with real-time preview (like the one here at Stackowerflow), and you can avoid HTML altogether.