On PHPMaster.com today there's a new tutorial that talks about PCI compliance for PHP applications and some of the technology you can use to help conform to its requirements.
In reality, PCI is a set of security guidelines drawn up by a consortium of credit card companies and industry security experts to govern how applications should behave when handling credit or debit card information. The card companies impose these standards on the banks who then impose them on those of us who operate e-commerce sites and the like. In this article we will dispel a couple of persistent myths about PCI, take a 20,000-foot look at what PCI encompasses, and then zero in on those requirements that are most closely associated with coding in general and PHP specifically.
The author starts with some common myths about PCI (Payment Card Industry) compliance, including that it only applies to "the big guys" taking payments on the web. He then goes through some of the major points of the PCI requirements and talks about a few that specifically relate to the backend code side of things.