HtmlEncode is the new addslashes()

Encode:

string EncodedString1 = HttpContext.Current.Server.HtmlEncode(foo);

 
 

Decode:

StringWriter myWriter = new StringWriter();

HttpUtility.HtmlDecode(foo, myWriter);

 
 

Use these as you might have used addslashes() and stripslashes() in 2004 when PHP was the better technology.

It's not 2004 anymore.