HTML Purifier を使って html を消毒する ref: http://qiita.com/items/b7767b63d6c3d65cd3da

html_purifier.php

<?php
require_once('$PATH_TO_LIBRARY/HTMLPurifier.includes.php');
use HTMLPurifier;
use HTMLPurifier_Config;

function sanitize($tainted_html) {
  $config = HTMLPurifier_Config::createDefault();
  $config->set('Cache.SerializerPath', $PATH_TO_TEMPORARY_DIR);
  $purifier = new HTMLPurifier($config);
  return $purifier->purify($tainted_html);
}