Php pages can be set up to work reasonably securely with mysql - level of security probably depends on how valuable your target is and how much effort you will put in. You'd probably want at least a dedicated web server (not a shared hosting effort) for anything with much value. The Flash to php communication is not going to be secure.
If you host on a secure server (https) then you will have encrypted communication between Flash and php, but the Flash swf file itself remains vulnerable to attack, decompiling. (It's not just Flash. Anything running client-side, in the browser, is likely to be at risk.)