Input validation to avoid XSS

How to perform input validation to avoid XSS?

EncodeForHTML vs. HTMLEditFormat

Is EncodeForHTML as it is more secure than HTMLEditFormat?