I recently setup my RPi just for learning Linux, python and some basic electric circuit for small projects. Sometime I need to access to my system through internet, so I set port forwarding function to open port 22 and 80 for Raspberry Pi. Since this is only for learning purpose, there's really nothing important and there's no sensitive data saved on this machine. So I don't worry much about the security issue.
What I really worry is: Other than the Raspberry Pi, is there any risk to my other devices inside same local network? Is it possible(or easy) to hack those devices only from that open port?
The answer to your question, as stated is "No, there is no notable risk to your other devices from those open ports to your Raspberry Pi." However, if someone is to compromise you, they'd need to first compromise your Pi and then use that. Any vulnerabilities would require:
Practically, if you have a secure SSH setup and are running your HTTP server in a way that is secure, it is very unlikely that anyone could do anything. If they did, they'd need to compromise. If you use keys for SSH login and don't do anything non-standard for HTTP, you should be plenty good. You can also change the SSH port to run on a non-standard port and that will obscure things slightly, though it will not change the theoretical vulnerabilities.