Dim TestString As String = Me.TextBox2.Text Dim EncodedString As String = Server.HtmlEncode(TestString) sqlcmd.Parameters.AddWithValue("@commento", SqlDbType.VarChar).Value = EncodedString