you are definitely not supposed to be storing cvv numbers, in plaintext or otherwise. according to pci, you're not supposed to be storing or processing credit card numbers on the same machine (or even network, i believe) as your public web server.
if you are not sure how to handle this stuff, please, for the sake of your customers, use a company that does know how to do it. companies like braintree (http://www.braintreepaymentsolutions.com/) have a secure vault service that lets you store credit card information on their servers which you then access on a per-charge basis using a token.
if you are not sure how to handle this stuff, please, for the sake of your customers, use a company that does know how to do it. companies like braintree (http://www.braintreepaymentsolutions.com/) have a secure vault service that lets you store credit card information on their servers which you then access on a per-charge basis using a token.