From a new posting over on Harry Fuecks' weblog this morning:
What's got me started is this recent blog by Sam Ruby [...] The issue? How to publish content submitted to your site by its visitors. Solving this one is as old as that most dated of web apps - the Guestbook and if you trawl through the comments on Sam's site, you'll quickly get the idea that still, no one's too sure of the answer. The basic problem, as you no doubt know, is to allow visitors to your blog or forum to submit more than just plain, unformatted text, you need to allow them some kind of mechanism to add structure.
He goes on to talk about common "gotchas" to watch out for when handling user input, as well as quick and easy ways to prevent them. Suggestions include: "allow a limited subset of HTML", use a "Wiki style", and the ever-popular "implied formatting". He closes out the posting with references to several packages you can use to do the above, including: PEAR::HTML_BBCodeParser, PEAR::Text_Wiki, and an XML_HTMLSax that won't choke on HTML.
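
One way to combine the "limited subset" and "implied formatting" suggestions is to escape everything first and then re-enable a small allowlist of markup. This is an added example, not code from Harry Fuecks' post or from the PEAR packages it lists; the function name `render_comment`, the tag set and the sample input are assumptions.

```php
<?php
// Escape-first rendering of a small BBCode-like subset (illustrative only,
// not the PEAR::HTML_BBCodeParser API).
function render_comment(string $raw): string
{
    // 1. Neutralise every piece of HTML the visitor typed.
    $out = htmlspecialchars($raw, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

    // 2. Re-enable only allowlisted, attribute-free tags when properly paired.
    $simple = ['b' => 'strong', 'i' => 'em', 'code' => 'code'];
    foreach ($simple as $bb => $html) {
        $out = preg_replace(
            '~\[' . $bb . '\](.*?)\[/' . $bb . '\]~is',
            "<$html>\$1</$html>",
            $out
        ) ?? $out; // keep the escaped text if PCRE reports an error
    }

    // 3. Links: accept absolute http(s) URLs only; anything else
    //    (javascript:, data:, relative paths) stays as escaped literal text.
    $out = preg_replace_callback(
        '~\[url=(.*?)\](.*?)\[/url\]~is',
        function (array $m): string {
            // $m[1] is already HTML-escaped, so it cannot close the attribute.
            if (!preg_match('~^https?://[^\s<>"\']+$~i', $m[1])) {
                return $m[0];
            }
            return '<a href="' . $m[1] . '" rel="nofollow noopener">'
                 . $m[2] . '</a>';
        },
        $out
    ) ?? $out;

    // 4. Implied formatting: the visitor's line breaks become <br>.
    return nl2br($out, false);
}

// Constructed sample input covering an allowed tag, raw HTML and two links.
$sample = "[b]Nice post[/b] <script>alert(1)</script>\n"
        . "[url=javascript:alert(1)]bad[/url] "
        . "[url=https://example.org/?a=1&b=2]good[/url]";

echo render_comment($sample), "\n";
```

Mis-nested tags such as `[b][i]x[/b][/i]` still yield mis-nested HTML with this regex approach, which is one reason to use a real parser for anything beyond a handful of tags.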




