I suggest that you do some searching - this has been covered countless times.
Sounds like you need to do some other base research though if you're not aware of how payment processing works or even the basic requirements. There is a pretty stringent security requirement depending on how you implement it. Make sure you understand the implications of your design on the security side of things or you'll eventually get hacked and then everyone will be very, very sad.
On your last question, I wouldn't EVER consider allowing a user to submit credit card data on a non SSL connection.
Your communication with the payment gateway does need to be encrypted also but that's a gateway specific thing.
Good luck.