Better yet, use a payment service like Secpay that has the facility for repeat transactions built into their secure server. Even passing credit card details via your website is a no no, let alone storing them there. And repeat transactions is the only possible reason I can think of for needing to store credit card numbers yourself.
Be aware, if you are asking the user to enter their credit card number on a form that submits to your server and then passing the details to your payment provider you are asking for trouble. If the wrong people spot it, you will come under attack. What you should be doing is using a service that allows you to upload your payment page to their server. They will have security experts on the staff whose sole job it is is to stay one step ahead of the hackers.
If you lose the right to process online transactions you could loose your business.
