On my client side, I have a rich text area where the user is allowed to enter HTML. Then, how on PHP do i ensure that the PHP is safe. Is there any validation in php for checking HTML??

from safe I mean that the HTML does not contain any malicious code

You'll want to sanitize your input before saving it. http://htmlpurifier.org/ does a great job and is pretty easy to implement and insanely configurable.

You could look into HTMLPurifier http://htmlpurifier.org/, I have yet to use it but I remember seeing a screencast or two on it at www.zendcasts.com.

You could also use a Zend Framework Filter like Zend_Filter_StripTags.

You could strip the tags that are not allowed, using strip_tags();

<?php
$allow = '<p><ul><li><b><strong>'; // Just an example
$input = strip_tags($input,$allowedtags);
?>

Other than that it's adviced to use mysql_real_escape_string($input) or better yet, use: Is this a safe way to filter data and prevent SQL-injection and other attacks?