What potential issues can arise from using HTML tags in MySQL database entries and how can they be resolved in PHP?

Using HTML tags in MySQL database entries can lead to security vulnerabilities such as SQL injection attacks or cross-site scripting (XSS) attacks. To prevent this, it is important to properly sanitize user input before inserting it into the database. One way to do this in PHP is by using the `mysqli_real_escape_string()` function to escape special characters.

// Assuming $conn is the mysqli connection object
$input = "<script>alert('XSS attack!');</script>";
$sanitized_input = mysqli_real_escape_string($conn, $input);

// Now $sanitized_input can be safely inserted into the database
$query = "INSERT INTO table_name (column_name) VALUES ('$sanitized_input')";
mysqli_query($conn, $query);