i would pass everything through htmlentities(); when saving and html_entity_decode(); when loading it into the editor
;)
-PP