html_entity_decode transforms things like Code: <b> into Code: <b> I would assume it's not much of a security risk. I'm a little confused about why that would cause the black diamond problem though. I suspect the root of that is elsewhere. I haven't had to much of an issue with the diamonds. Occasional I'll submit a story and the first time I edit it I will get the diamonds but mostly it works as expected.