Storing CC in mysql database ...

Storing CC in mysql database on shared server is bad. But, if there is no other alternative I am wondering what is good solution.

In my layout there is encrypted config.php file that contains database credentials. This file never connects to the database, it just has credentials in it to do so. When it is included in some other file it tests $SCRIPT_NAME to make sure that calling file is allowed to include it.

Short of entire server being compromised, is there any other way to steal this credit card info?

 

 

 

 

Top