I am no expert on this and have struggled with this myself. HTML purifier is a must, as it also tidies up a lot of the messy HTML these WYSIWIG editors produce. Also it will strip out unwanted tags and, from my vague recollection, where you whitelist the allowed tags. When I tested the purification I found it to be excellent. I could not catch it out.
Personally, I have stopped using these editors, only because of the mess users make with these things. I now just have a form with, for instance, a title field, a subtitle, a paragraph subtitle, a paragraph content, and the ability to add a paragraph or add an image etc. It is a pain but it is a lot more manageable in the long run and preserves your layout/design. Otherwise you get massive purple titles in comic sans, writing with red backgrounds and green text, and usually tons of unwanted line breaks.
Anyway, if anyone knows of a better way to implement WYSIWYG I would love to hear it too.
However, I do like them and there are scenarios where they make sense. I find them unworkable and not as user friendly as you might imagine.
Paul.
