No, you shouldn't be emailing it, you should be getting your approval/decline from your processor and inserting the info that is returned back by the processor (transaction numbers etc, not the actual credit card info) to your database. Sending the payment information via email will likely get your merchant account stripped if your provider catches wind of that.

If you do not know how to program, just get someone to do it for you. The liability isn't worth it IMHO if you do not know what you are doing. Either that, or get some premade thingy that you can just plug your info in.

I don't want the form to actually process the payments. I just want the credit card numbers to come to me so I can process them by phone.

I was having a bit of a look at PGP, would it be a good idea to have the email encrypted or is this still not secure enough?

I do program using PHP so writing code isn't really an issue.

If you are sending it to an email address, you must encrypt it. Again, make sure that your credit card processor is ok with this. I dont think they will let you email it to be honest, but I certainly could be wrong.

Most processors require that your server/website is compliant with the associations regulations (I cant remember the acrynomn for the compliance, I want to say CRISP but that that doesn't sound right).

Any particular reason why you want to call in the transactions? Seems like you will be doing a lot more work to process than if you just processed them in real-time?

Encrypt the card info with PGP or the open source version GnuPG before sending the email. Then unencrypt the info on the client's computer.

Some bank cards allow this. Some don't.