- htmlspecialchars: documentation ( source)
<?php
$_POST = array();
$_POST["orderId"]="9879879879_afadak31";
$_POST["orderAmount"]="190.0";
$_POST["referenceId"]="16242";
$_POST["txStatus"]="SUCCESS";
$_POST["paymentMode"]="NET_BANKING";
$_POST["txMsg"]="OK";
$_POST["txTime"]="2018-02-16 01:30:36";
echo 'Hello ' . htmlspecialchars($_POST["orderId"]) . '!';