It is a very bad idea, and in most cases illegal to store the credit card details in your database. I don't recommend doing this.
if you are going to, you should at the very least use encryption to encrypt the credit card number and cvv values and when you are done, that info should be deleted from the DB as quickly as possible.
in the store order summary behavior, use the session bindings instead of the form bindings.