How do I keep a mySQL database secure?

-上瘾入骨i 2021-02-08 09:46

I'm going to be implementing a PHP/mySQL setup to store credit card information.

It seems like AES_ENCRYPT/AES_DECRYPT is the way to go,

5 answers
  •  旧巷少年郎
    2021-02-08 10:31

    the security you need depends on your application. for example, if the only time the cc# will be used is when the user is logged in (thin online store type scenario), then you can encrypt the cc# with a hash of the user's plain-text password, a per-user salt, and a dedicated cc# salt. do not store this value permanently.

    since you're not storing this value, the only time you can get this value is when the user enters their password to log in. just make sure you have good session expiration and garbage collection policies in place.

    if this situation does not apply to you, please describe your situation in more detail so we can provide a more appropriate answer.
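
A sketch of the scheme described in the answer above, added here as an example and not code from the answerer: the encryption key is derived from the login password, a per-user salt and a dedicated card salt, and is never written to the database. The function names, the use of PBKDF2 as the hash, the iteration count and AES-256-GCM via PHP's OpenSSL extension are assumptions made for this example.

```php
<?php
// Added example: the key exists only while the user's password is in memory.
const KDF_ITERATIONS = 600000; // assumed work factor; tune for your hardware

// Derive a 32-byte key from the password, the per-user salt and the card salt.
// Both salts are fixed-length (16 bytes), so concatenating them is unambiguous.
function derive_card_key(string $password, string $userSalt, string $cardSalt): string
{
    return hash_pbkdf2('sha256', $password, $userSalt . $cardSalt,
                       KDF_ITERATIONS, 32, true);
}

// Encrypt the card number; returns the fields to store (the key is not one of them).
function encrypt_card(string $pan, string $password, string $userSalt): array
{
    $cardSalt = random_bytes(16); // dedicated cc# salt
    $iv       = random_bytes(12); // fresh GCM nonce for every encryption
    $key      = derive_card_key($password, $userSalt, $cardSalt);
    $tag      = '';
    $ct = openssl_encrypt($pan, 'aes-256-gcm', $key, OPENSSL_RAW_DATA, $iv, $tag);
    if ($ct === false) {
        throw new RuntimeException('encryption failed');
    }
    return ['card_salt' => $cardSalt, 'iv' => $iv, 'tag' => $tag, 'ciphertext' => $ct];
}

// Decrypt at login; returns null if the password is wrong or the row was altered.
function decrypt_card(array $row, string $password, string $userSalt): ?string
{
    $key = derive_card_key($password, $userSalt, $row['card_salt']);
    $pt  = openssl_decrypt($row['ciphertext'], 'aes-256-gcm', $key,
                           OPENSSL_RAW_DATA, $row['iv'], $row['tag']);
    return $pt === false ? null : $pt;
}

// Constructed sample values (well-known test card number, made-up password).
$userSalt = random_bytes(16);
$row = encrypt_card('4111111111111111', 'correct horse battery', $userSalt);
var_dump(decrypt_card($row, 'correct horse battery', $userSalt));
var_dump(decrypt_card($row, 'wrong password', $userSalt));
```

Because the key depends on the password, a password change has to decrypt with the old password and re-encrypt with the new one while both are available.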
