As an interesting side note to those who say you should sanitize late rather than early:
I have run into all kinds of XSS when opening tables in my database. Yes, I learned that opening said tables in PHPMyAdmin might not be a good idea.
That was an interesting experience to be sure.
I have to agree with what most people are saying. Allowing direct HTML posting that other users can see is sure to cause at least headaches, if not major problems. You’re better off using some kind of wiki system, or some kind of subset of HTML, where only the tags you are interested in are allowed.