asp.net - C#, MySQL data comparison issue
I am using MySQL with ASP.NET to save data in the DB. When I save data in the DB after using Server.HtmlEncode(), the data is saved after removing the \ . This is how I am saving the data:
insert users(id,name) values(1,Server.HtmlEncode(User.Identity.Name))
In case the name is xxx\abc, it is being saved as xxxabc. The slashes are removed while saving in the DB.
Next time, when I read the same, I need to check if the logged-in user is the one against whom the data was saved, as follows:
if ( existingroweditor == Server.HtmlEncode(User.Identity.Name)) { }
But the issue is that the above condition is false, because I have the following values: existingroweditor = "xxxabc", Server.HtmlEncode(User.Identity.Name) = xxx\\abc.
So how can I check if the above condition is true?
HTML encoding is not a suitable encoding for data storage in a database.
The reason the backslashes disappear is that you are pasting it into the SQL code, and encoding the text for display in a web page instead of escaping it for being text in an SQL query. The backslash is used as an escape character in MySQL, so the backslashes in the string escape the next character.
Preferably you should use parameterised queries instead of concatenating the data into the SQL query. If that is not possible, you must escape the text properly to be in a string literal in the SQL code, so you have to replace every backslash with double backslashes, and prepend every apostrophe with a backslash. If you fail to escape properly, the application is wide open to SQL injection attacks.
HTML encoding of the values should be done when you display them in the web page, not before you put them in the database.
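The parameterised approach the answer recommends, as an added example that is not part of the original answer. It assumes the MySql.Data connector (MySql.Data.MySqlClient) and the users(id, name) table from the question; the class and method names are hypothetical.

```csharp
// Added example, not the poster's code. Assumes the MySql.Data package and
// the users(id, name) table from the question; names here are hypothetical.
using System;
using System.Net;
using MySql.Data.MySqlClient;

public static class RowEditorStore
{
    // Store the raw login name. The value travels as a parameter, not as
    // part of the SQL text, so "xxx\abc" keeps its backslash and an
    // apostrophe in the name cannot terminate the string literal.
    public static void SaveEditor(MySqlConnection conn, int id, string loginName)
    {
        using (var cmd = new MySqlCommand(
            "INSERT INTO users (id, name) VALUES (@id, @name)", conn))
        {
            cmd.Parameters.AddWithValue("@id", id);
            cmd.Parameters.AddWithValue("@name", loginName);
            cmd.ExecuteNonQuery();
        }
    }

    // Compare the raw stored value with the raw current login name.
    // No HtmlEncode on either side, so both strings have the same form.
    public static bool IsEditor(MySqlConnection conn, int id, string loginName)
    {
        using (var cmd = new MySqlCommand(
            "SELECT name FROM users WHERE id = @id", conn))
        {
            cmd.Parameters.AddWithValue("@id", id);
            // ExecuteScalar returns null (no row) or DBNull (NULL column);
            // "as string" maps both to null.
            var stored = cmd.ExecuteScalar() as string;
            return stored != null &&
                   string.Equals(stored, loginName, StringComparison.Ordinal);
        }
    }

    // HTML-encode only at the point where the value is written into a page.
    public static string ForDisplay(string storedName)
    {
        return WebUtility.HtmlEncode(storedName);
    }
}
```

Call IsEditor with User.Identity.Name directly; the encoded form from ForDisplay is for page output only and should never be compared against or written back to the database.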