HttpUtility.HtmlEncode to validate user entries

I am trying to validate user inputs (free text) on a web page before the data is stored in the database. The site's written using unconvensional asp.net, as it was largely upgraded from classic asp.

I want to make sure / or protect users from entering text values along with invalid characters such html. At the moment, if the page is submitted it crashes.

Should I use the HttpUtility.HtmlEncode to correct each text box entry? Does 开发者_如何学Gothis sound feasible?

Thanks in advance.

Yes

One of the most important things you can do from a security perspective is to ensure you're encoding all types of data appropriately.

When you're storing HTML that has been put into a web form you no longer want it to be interpreted as HTML. HttpUtility.HtmlEncode ensures this happens, so yes you need to use it.