How can I allow my user to insert HTML code, without risks? (not only technical risks)

Question

I developed a web application, that permits my users to manage some aspects of a web site dynamically (yes, some kind of cms) in LAMP environment (debian, apache, php, mysql

Answer 1

You might want to consider, rather than allowing HTML at all, implementing some standin for HTML like BBCode or Markdown.