When parsing incoming bitcoin payments, I wanted to show people a record of their top-ups. Whenever funds arrived in an address the wallet owned, the -walletnotify callback was run, using curl to call the website's URL and specifying the transaction ID. It checked that the transaction corresponded to a user (checked the address was in a particular MySQL table). Once this was true, it would be stored with the userid, transaction id, send/receive, and confirmations (=0).
Before they could spend it, 6 confirmations had to pass. So every time the blocknotify trigger was run, it would gather all transactions in the table which had confirmations <50 and rescan them every time a block came through. At 7 confirmations they were finally credited to the users database.
Since users 'spending' on my site only affected the database, I ran into trouble, so if you're considering this you might just go with multi-signature transactions. I'm rewriting to build in support for multisig at the moment.
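The flow described in this post, as an added example that is not the poster's code: a deposit is recorded once per txid, rescanned on each block, and credited at most once even if a callback fires twice. Assumptions: sqlite3 stands in for the MySQL tables, the table and function names are hypothetical, `lookup_tx` is a stand-in for asking the node about a transaction (for example the `gettransaction` RPC), and the threshold of 6 is illustrative.

```python
import sqlite3

REQUIRED_CONFS = 6  # assumed threshold for this example

def open_db():
    db = sqlite3.connect(":memory:")  # sqlite3 stands in for MySQL here
    db.executescript("""
        CREATE TABLE addresses(address TEXT PRIMARY KEY, userid INTEGER);
        CREATE TABLE balances(userid INTEGER PRIMARY KEY, satoshi INTEGER);
        CREATE TABLE deposits(txid TEXT PRIMARY KEY, userid INTEGER,
            satoshi INTEGER, confirmations INTEGER DEFAULT 0,
            credited INTEGER DEFAULT 0);
    """)
    return db

def on_walletnotify(db, txid, lookup_tx):
    """Record a deposit once. The txid arriving over HTTP is untrusted, so
    address and amount are re-read from the node via lookup_tx."""
    tx = lookup_tx(txid)
    if tx is None:
        return False  # the node does not know this transaction
    row = db.execute("SELECT userid FROM addresses WHERE address=?",
                     (tx["address"],)).fetchone()
    if row is None:
        return False  # address does not belong to any user
    with db:  # the txid primary key makes a repeated callback a no-op
        cur = db.execute("INSERT OR IGNORE INTO deposits(txid, userid, satoshi)"
                         " VALUES(?,?,?)", (txid, row[0], tx["satoshi"]))
    return cur.rowcount == 1

def on_blocknotify(db, lookup_tx):
    """Rescan uncredited deposits and credit each one at most once."""
    credited = []
    pending = db.execute("SELECT txid, userid, satoshi FROM deposits"
                         " WHERE credited=0").fetchall()
    for txid, userid, satoshi in pending:
        tx = lookup_tx(txid)
        confs = tx["confirmations"] if tx else 0
        with db:  # flag flip and balance change commit together or not at all
            db.execute("UPDATE deposits SET confirmations=? WHERE txid=?",
                       (confs, txid))
            if confs < REQUIRED_CONFS:
                continue
            cur = db.execute("UPDATE deposits SET credited=1"
                             " WHERE txid=? AND credited=0", (txid,))
            if cur.rowcount == 1:  # only the caller that flipped the flag credits
                db.execute("INSERT OR IGNORE INTO balances VALUES(?, 0)", (userid,))
                db.execute("UPDATE balances SET satoshi = satoshi + ?"
                           " WHERE userid=?", (satoshi, userid))
                credited.append(txid)
    return credited
```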