Design A Secure Online Banking Transaction System P15

This document proposes designing a secure online banking transaction system. It discusses the existing manual banking system and proposes an online system to provide easier access and reduce queues. It analyzes the feasibility of the system and outlines the hardware, software and communication requirements. Diagrams are included to illustrate the system design and data flow. The document aims to develop a well-structured online banking system that is accessible, efficient and reduces human traffic at banks.

A STUDY ON

“DESIGN A SECURE ONLINE BANKING TRANSACTION SYSTEM”


ZENSOR TECHNOLOGY

ABSTRACT

CONTENTS

1. INTRODUCTION
1.1 Organization Profile
Synopsis
2. PROBLEM DEFINITIONS
2.1 Existing System
2.2 Proposed System
3. SYSTEM ANALYSIS
3.1 Feasibility Analysis
4. SYSTEM REQUIREMENTS
4.1 Hardware Requirements
4.2 Software Requirements
5. SYSTEM DESIGN
5.1 E-R Diagram
5.2 Data Dictionary
5.3 Data Flow Diagram
6. SYSTEM DESCRIPTION
7. SOURCE CODE
8. SYSTEM TESTING
9. SNAPSHOTS AND REPORTS
10. FUTURE ENHANCEMENTS
11. CONCLUSION

BIBLIOGRAPHY

INTRODUCTION

The main purpose that banks have been serving since their inception is keeping our money safe
for us. While keeping our money safe, they also let us earn a certain amount of interest on the money
deposited with them. Traditional banks have been doing this, and internet banks continue the same
function. The only difference is in the way the transactions are made.

We all know about internet banking and most of us use it quite often as well, but few of us
actually understand the history of internet banking and how it all came about. Knowing the history of
internet banking can be incredibly useful, especially since it will allow us to have more respect for the
little things that we take for granted.

Internet banking has been around for quite a few years now, but has really only become
prominent over the past year or so in particular. Internet banking offers an array of different advantages
to the user, including account balances and history including year-to-date information, the ability to
transfer money from one account to another and to payees for bill payments, check history, reorders, and
stop payments, check credit card balances and statements, complete online loan applications, secure
interactive messaging with staff, and much more. Internet banking basically allows you to be able to do
everything that you can in your regular banking institution, only with the benefit that you can do it all
right from the convenience of your own home. Not only is this great because you can be comfortable and
have peace of mind knowing that you can keep track yourself of all your banking issues, but as well it
allows for more ease because you never have to worry about rushing out and making it to the bank.

ABOUT THE COMPANY

Bharat Sevak Samaj (BSS) is the National Development Agency sponsored by the
Planning Commission, Government of India to ensure public co-operation for
implementing government plans. The main purpose behind the formulation of Bharat Sevak
Samaj is to initiate a nationwide, non-official and non-political organization with the object
of enabling individual citizens to contribute, in the form of an organized co-operative effort,
to the implementation of the National Development Plan. The constitution and functioning
of Bharat Sevak Samaj is approved unanimously by the Indian Parliament.

Bharat Sevak Samaj, a mission and movement to mobilize people's active
participation in the development programs of the nation, was set up in 1952 under the
presidentship of Pandit Jawaharlal Nehru, then Prime Minister of India, on the
recommendation of the National Advisory Committee on public co-operation of the Planning
Commission, Government of India. BSS has developed scientifically as the most powerful
National Development Agency in India with its ardent initiative for the reconstruction,
resurgence and rejuvenation of society. BSS presently carries out numerous functional
activities and vocational training programs in various fields all over India through its
franchises, with the idea of tackling unemployment through job-oriented education.

BSS Cyber Solutions

BSS Cyber Solutions (BSS CS) is a division of Bharat Sevak Samaj set up to provide
total solutions in the arena of Information Technology and to promote high-end IT
education and training all over India. As a part of its total computer education policy,
BSS Cyber Solutions imparts training in various courses of computer
technology all over India through franchises. The training programs are suitable for
non-matriculates, matriculates, graduates, post graduates, professionally qualified
people, businessmen and employed personnel. BSS CS offers courses certified
by Bharat Sevak Samaj and international companies like Microsoft, CISCO,
CompTIA etc.

SYNOPSIS

Online Banking System

With cybercafés and kiosks springing up in different cities, access to the Net is going to
be easy. Internet banking (also referred to as e-banking) is the latest in this series of technological
wonders in the recent past, involving use of the Internet for delivery of banking products and services.
Even the Morgan Stanley Dean Witter Internet research emphasized that the Web is more important
for retail financial services than for many other industries. Internet banking is changing the
banking industry and is having major effects on banking relationships. Banking is now no
longer confined to the branches, where one has to approach the branch in person to withdraw cash,
deposit a cheque or request a statement of accounts. In true Internet banking, any inquiry or
transaction is processed online without any reference to the branch (anywhere banking) at any
time. Providing Internet banking is increasingly becoming a "need to have" rather than a "nice to have"
service. Net banking is thus now more of a norm than an exception in many
developed countries, due to the fact that it is the cheapest way of providing banking services.

PROBLEM DESCRIPTION

Existing System

The existing system is traditional banking, where customers have to go through long queues,
waste time and still do not have access to an efficient and effective banking system.

Proposed System

Considering the stress and time taken to go to the bank and do a transaction, the development of a
well-structured and secure online banking system will meet the following objectives:

• Create a banking system that is easily accessible by customers from the comfort of their homes and offices.
• Reduce the flow of human traffic and long queues at banks.
• Promote efficient and effective banking for the banks by focusing on those services that still require
physical presence at the banking hall.
• Provide intra-bank funds transfer services to customers.
• Keep a detailed log of each customer's transactions with the bank on his account.
• Generate the statement of account for a selected period of time for customers.
• Provide customer relationship services.

SYSTEM ANALYSIS

System analysis is a logical process; the objective of this stage is not actually to solve the
problem but to determine what must be done to solve the problem. The basic objective of the analysis
stage is to develop the logical model of the system using tools such as UML (Unified Modeling
Language).

MAIN OBJECTIVE

• To reduce the manual and paper work.
• To provide quick access.
• Easy maintenance of records.

FEASIBILITY ANALYSIS

Feasibility is the determination of whether or not a project is worth doing. The process
followed in making this determination is called a feasibility study. A feasibility study is the test of a
system proposal according to its workability, impact on the organization, ability to meet users' needs, and
effective use of resources. The result of a feasibility study is a formal proposal. This is simply a report, a
formal document detailing the nature and scope of the proposed solution. The main objective of a
feasibility study is to test the technical, social and economic feasibility of developing a computer system.
This is done by investigating the existing system in the area under investigation and generating ideas
about a new system. On studying the feasibility of the system, three major considerations are dealt with,
to find whether the automation of the system is feasible.

SYSTEM REQUIREMENTS

Software Requirements

Application Requirements

• Microsoft Windows 2000
• PHP (Apache Tomcat 5.5)

Database Server

• MySQL 5.0

Client and Browser

• Microsoft Internet Explorer (6+)
• Mozilla Firefox

Hardware Requirements

Hardware Requirements (Minimum)

• Pentium IV 233MHz
• 128 MB RAM
• 250 MB free hard disk space

Communication Interface

• Client on Internet will be using HTTP/HTTPS protocol.
• Client on Intranet will be using TCP/IP protocol.
• A Web Browser such as IE 6.0 or equivalent.

SYSTEM DESIGN

Data Flow Diagrams

• This diagram serves two purposes:
  • It provides an indication of how data is transformed as it moves through the system.
  • It depicts the functions and sub-functions that transform the data flow.
• The data flow diagram provides additional information that is used during the analysis of the
information domain, and serves as a basis for the modelling of functions.
• The description of each function presented in the DFD is contained in a process specification,
called a PSPEC.

Admin Panel:

[Data flow diagram; labels: Login, Authentication, View customers, Admin Login]

Transaction:

[Data flow diagram; labels: Transaction Verification, Deposit, Withdraw, Enquiry, Choose Transaction, Account, Saving, Current, Fixed deposit]

Processing:

[Data flow diagram; labels: Reporting, Customer, Authority, Candidate, Database Update]

ER-Diagrams

• The Entity Relationship Diagram (ERD) depicts the relationship between the data objects. The
ERD is the notation that is used to conduct the data modelling activity; the attributes of each
data object noted in the ERD can be described using a data object description.
• The set of primary components that are identified by the ER-Diagram are:
  • Data objects
  • Relationships
  • Attributes
  • Various types of indicators
• The primary purpose of the ERD is to represent data objects and their relationships.

ER-Diagram

[ER diagram; labels: Administrators (Admin id, Password), Manage, Customer (Customer id, Password, Address, Phone no, Date of Birth, Age, Email), Accounts_types, Balance_enq, Funds_transfer, Mini stmts, Generate the accounts, Perform transactions, Generate trans_list, Displays, Available amount]

Activity Diagram for overall system

[Activity diagram; labels: Start, Enter userId & Password, Valid user, No, Balance enquiry, Funds transfer, Transfer update, Mini statements, profile, Your account balance, Transaction amount, Log out, Stop]

Accessing view:

After the user logs in to his/her account, a page is displayed with the basic options:

1) Balance Enquiry.

2) Funds Transfer

The user can perform various actions on his/her account.

Name of Use-Case: Balance enquiry.

Description:
• The client can view the balance left in his account once he has logged in to his
account.

Preconditions:
• The client has already been logged in.

Fund Transfer:

Users of the system:

In this online internet banking system, the users are

• Administrators
• Customers

Administrator: He is the super user responsible for managing system users, taking system
backups, generating reports, maintaining organization details, starting and ending
sessions, and managing various requests from different types of users.

• Providing the username, password and other information required for users to start
an account.
• Starting Sessions: The Administrator creates the system users, who are assigned
different roles. He is also responsible for starting the session every time a particular
user wants to use the system (this is set up to be managed automatically).
• Managing Data Backup: The Administrator is responsible for managing all
details by taking backups periodically. He also takes a backup of the database in
order to prevent loss of data on system crashes or malfunction.
He can take a backup of the entire database or of a particular section.
• Crash Recovery: The Administrator manages crash recovery when a
system crash or failure occurs.
• Ending Session: The Administrator is responsible for ending the session when the
particular user logs out of the system (this is set up to be managed automatically).

Customer (Normal/others): Ordinary customers have a user name and password with which they can
log in to their account. They can perform all the transactions, such as funds transfer, balance enquiry etc.,
from home over the internet.

• Login: The user can log in to the system by providing the appropriate username and
password provided by the administrator.
• Selecting the Account: After logging in, the user is provided with a screen showing
the details of his accounts, and he selects one of the accounts in order to perform the
transaction.
• Balance Enquiry: He can view the balance left in his account once he has
logged in to his account.
• Funds Transfer: Upon request, the user can transfer funds from his account to
other accounts.
• Mini statements: He can also take a mini statement printout as required.

Database Design

CustomerAI

Field Name      Data Type   Size
AccountNo       Varchar     50
A_Sno           Int         4
UserID          Varchar     50
AccountName     Varchar     50
AccountType     Varchar     50
Balance         Int         -

Login Details

Field Name      Data Type   Size
Sno             Int         15
UserID          Varchar     20
Password        Varchar     20

Mini_stat

Field Name      Data Type   Size
UserID          Varchar     50
T_date          Date        -
T_Id            Int         20
T_Accountno     Int         20
T_Amount        Int         -

CustomerPI

Field Name      Data Type   Size
UserID          Varchar     50
FirstName       Varchar     50
LastName        Varchar     50
FatherName      Varchar     50
R_Address       Varchar     500
DOB             Varchar     50
Age             Int         2
Landline_No     Varchar     20
Mobile_Phone    Varchar     10
Nationality     Varchar     10
Email           Varchar     50
Occupation      Varchar     50
O_Address       Varchar     50
Office_phone    Varchar     50
Employer        Varchar     50
City            Varchar     50
Pincode         Varchar     50
State           Varchar     50
Country         Varchar     50

Bankdb (Transaction List)

Field Name      Data Type   Size
T_Id            Int         30
AccountNo       Varchar     50
TDate           Varchar     50
Debit           Int         20
Credit          Int         20
Balance         Int         -
DepositAcct     Varchar     50
WithdrawAcct    Varchar     50

SYSTEM DESCRIPTION

Overall Description

The Online banking Application project will be divided into 4 modules namely:

• Login
• Registration
• Account Information
• Transaction

Description

Login: The customer is asked to enter a user name and password. When the user enters the
details and submits them, they go to a validation engine, which checks whether they are valid. If they
are valid, he is shown the list of accounts he has with the bank.

Authentication provides a way of identifying a user, typically by having the user enter a
valid user name and valid password before access is granted. The process of authentication is based
on each user having a unique set of criteria for gaining access. The server compares the user's
authentication credentials with the user credentials stored in a database. If the credentials match,
the user is granted access to the account. If the credentials do not match, authentication fails and
account access is denied.

The authorisation service manages authentication, authorization, and access control to user
accounts, subject to approval from the account holder. There are several account authorization APIs to
accommodate different types of access. After authentication, a user is verified for performing
the various tasks; limiting access in this way is known as authorization.
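The credential comparison described above, as an added example in PHP with PDO (not the project's own code). It assumes a table named LoginDetails with a PasswordHash column, and uses an in-memory SQLite database with constructed sample data in place of MySQL so that it runs offline. The Password Varchar 20 column in the data dictionary is too short to hold a password_hash() value, which is why the assumed column is 255 characters wide.

```php
<?php
declare(strict_types=1);

// Added example, not the project's source. Assumed names: LoginDetails table,
// PasswordHash column. SQLite in memory stands in for the MySQL server.

function openDemoDb(): PDO
{
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec(
        'CREATE TABLE LoginDetails (
            Sno          INTEGER PRIMARY KEY,
            UserID       VARCHAR(20)  NOT NULL UNIQUE,
            PasswordHash VARCHAR(255) NOT NULL
        )'
    );
    return $pdo;
}

function registerUser(PDO $pdo, string $userId, string $password): void
{
    // Store a salted, slow hash; the plain password never reaches the database.
    $stmt = $pdo->prepare(
        'INSERT INTO LoginDetails (UserID, PasswordHash) VALUES (:uid, :hash)'
    );
    $stmt->execute([
        ':uid'  => $userId,
        ':hash' => password_hash($password, PASSWORD_DEFAULT),
    ]);
}

function verifyLogin(PDO $pdo, string $userId, string $password): bool
{
    // The user name is bound as a parameter, so quotes in it stay data.
    $stmt = $pdo->prepare('SELECT PasswordHash FROM LoginDetails WHERE UserID = :uid');
    $stmt->execute([':uid' => $userId]);
    $hash = $stmt->fetchColumn();

    // Verify against a dummy hash for unknown users so that both paths do the
    // same amount of work and response time does not reveal valid user names.
    static $dummyHash = null;
    if ($dummyHash === null) {
        $dummyHash = password_hash('placeholder', PASSWORD_DEFAULT);
    }
    $known = is_string($hash);
    $matches = password_verify($password, $known ? $hash : $dummyHash);

    return $known && $matches;
}

function establishSession(string $userId): void
{
    // Call after session_start() in a web request. Issuing a fresh session ID
    // at login stops an ID set before authentication from being reused.
    session_regenerate_id(true);
    $_SESSION['UserID'] = $userId;
}

// Constructed sample data.
$pdo = openDemoDb();
registerUser($pdo, 'alice01', 'correct horse battery staple');

var_dump(verifyLogin($pdo, 'alice01', 'correct horse battery staple')); // valid credentials
var_dump(verifyLogin($pdo, 'alice01', 'wrong password'));               // wrong password
var_dump(verifyLogin($pdo, "alice01' OR '1'='1", 'anything'));          // quotes bound as data
```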

Registration: Once your registration is complete you will be able to access all of your
accounts, with information asked in the prompts during the registration process. We use this
information to authenticate you as a user with access to the retail loan or lease account. Details such
as name........add phone......20

Account Information:

o Selecting the Account: After logging in, the user is shown the details of his accounts and
selects one of the accounts in order to perform the transaction.

o Balance Enquiry: Displays the balance details of a particular account.

Balance of current, fixed and saving accounts.

Transaction: This module maintains the information related to the funds that have been
transferred by the customer from one of his accounts to another account of his own. This module
helps the customer execute the fund transfer without a physical visit to the bank's premises.

o Mini Statement: When the user requests a mini statement on the home page, the system
asks for the type of statement needed by the customer. When the customer selects the type
of statement, the system displays the list of transactions on the screen. If the customer
wants printouts, he can print the same list.
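An added example (not the project's own code) of the fund transfer the Transaction module describes, written against the CustomerAI and Bankdb tables from the data dictionary. It assumes integer amounts in the smallest currency unit, takes the user ID from the authenticated session rather than from the request, and uses in-memory SQLite with constructed accounts in place of MySQL.

```php
<?php
declare(strict_types=1);

// Added example, not the project's source. Column names follow the data
// dictionary; the account numbers and balances are constructed sample data.

function openBankDb(): PDO
{
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec('CREATE TABLE CustomerAI (
        AccountNo   VARCHAR(50) PRIMARY KEY,
        UserID      VARCHAR(50) NOT NULL,
        AccountType VARCHAR(50) NOT NULL,
        Balance     INTEGER NOT NULL CHECK (Balance >= 0))');
    $pdo->exec('CREATE TABLE Bankdb (
        T_Id         INTEGER PRIMARY KEY,
        AccountNo    VARCHAR(50) NOT NULL,
        TDate        VARCHAR(50) NOT NULL,
        Debit        INTEGER NOT NULL,
        Credit       INTEGER NOT NULL,
        Balance      INTEGER NOT NULL,
        DepositAcct  VARCHAR(50),
        WithdrawAcct VARCHAR(50))');
    $pdo->exec("INSERT INTO CustomerAI VALUES
        ('SB-1001', 'alice01', 'Saving', 5000),
        ('CA-1002', 'alice01', 'Current', 200),
        ('SB-2001', 'bob02', 'Saving', 900)");
    return $pdo;
}

function transferFunds(PDO $pdo, string $sessionUserId, string $from, string $to, int $amount): string
{
    if ($amount <= 0 || $from === $to) {
        return 'rejected: invalid amount or account';
    }

    $pdo->beginTransaction();
    try {
        // One conditional UPDATE checks ownership and balance and debits in the
        // same statement, so two concurrent transfers cannot both pass the check.
        $debit = $pdo->prepare('UPDATE CustomerAI SET Balance = Balance - :amt
            WHERE AccountNo = :src AND UserID = :uid AND Balance >= :min');
        $debit->execute([':amt' => $amount, ':min' => $amount,
                         ':src' => $from, ':uid' => $sessionUserId]);
        if ($debit->rowCount() !== 1) {
            $pdo->rollBack();
            return 'rejected: not the account owner or insufficient balance';
        }

        $credit = $pdo->prepare('UPDATE CustomerAI SET Balance = Balance + :amt
            WHERE AccountNo = :dst');
        $credit->execute([':amt' => $amount, ':dst' => $to]);
        if ($credit->rowCount() !== 1) {
            $pdo->rollBack(); // undoes the debit as well
            return 'rejected: unknown destination account';
        }

        // One ledger row per account, written in the same transaction.
        $balance = $pdo->prepare('SELECT Balance FROM CustomerAI WHERE AccountNo = :acct');
        $log = $pdo->prepare('INSERT INTO Bankdb
            (AccountNo, TDate, Debit, Credit, Balance, DepositAcct, WithdrawAcct)
            VALUES (:acct, :tdate, :debit, :credit, :bal, :dep, :wd)');
        foreach ([[$from, $amount, 0], [$to, 0, $amount]] as [$acct, $dr, $cr]) {
            $balance->execute([':acct' => $acct]);
            $log->execute([
                ':acct' => $acct, ':tdate' => date('Y-m-d H:i:s'),
                ':debit' => $dr, ':credit' => $cr,
                ':bal' => (int) $balance->fetchColumn(),
                ':dep' => $to, ':wd' => $from,
            ]);
        }

        $pdo->commit();
        return 'ok';
    } catch (Throwable $e) {
        if ($pdo->inTransaction()) {
            $pdo->rollBack();
        }
        throw $e;
    }
}

$pdo = openBankDb();
echo transferFunds($pdo, 'alice01', 'SB-1001', 'CA-1002', 1500), PHP_EOL;   // between own accounts
echo transferFunds($pdo, 'alice01', 'SB-2001', 'CA-1002', 100), PHP_EOL;    // source belongs to bob02
echo transferFunds($pdo, 'alice01', 'CA-1002', 'SB-1001', 999999), PHP_EOL; // exceeds balance
foreach ($pdo->query('SELECT AccountNo, Balance FROM CustomerAI ORDER BY AccountNo') as $row) {
    echo $row['AccountNo'], ' ', $row['Balance'], PHP_EOL;
}
```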

SOFTWARE PROFILE

Tools and Technologies used

PHP

PHP: Hypertext Preprocessor (the name being a recursive acronym) is a widely used,
general-purpose scripting language that was originally designed for web development to
produce dynamic web pages. For this purpose, PHP code is embedded into the HTML source
document and interpreted by a web server with a PHP processor module, which generates the
web page document. As a general-purpose programming language, PHP code is processed by an
interpreter application in command-line mode performing desired operating system operations
and producing program output on its standard output channel. It may also function as a graphical
application. PHP is available as a processor for most modern web servers and as standalone
interpreter on most operating systems and computing platforms.

PHP was originally created by Rasmus Lerdorf in 1995 and has been in continuous development
ever since. The main implementation of PHP is now produced by The PHP Group and serves as the de
facto standard for PHP as there is no formal specification. PHP is free software released under the PHP
License, which is incompatible with the GNU General Public License (GPL) because restrictions exist
regarding the use of the term PHP.

Security

The National Vulnerability Database stores all vulnerabilities found in computer
software. The overall proportion of PHP-related vulnerabilities on the database amounted to:
20% in 2004, 28% in 2005, 43% in 2006, 36% in 2007, 35% in 2008, and 30% in 2009. Most of
these PHP-related vulnerabilities can be exploited remotely: they allow hackers to steal or
destroy data from data sources linked to the webserver (such as an SQL database), send spam or
contribute to DoS attacks using malware, which itself can be installed on the vulnerable servers.

These vulnerabilities are caused mostly by not following best practice programming
rules: technical security flaws of the language itself or of its core libraries are not frequent (23 in
2008, about 1% of the total). Recognizing that programmers cannot be trusted, some languages
include taint checking to automatically detect the lack of input validation, which induces many
issues. Such a feature is being developed for PHP, but its inclusion in a release has been rejected
several times in the past.

Hosting PHP applications on a server requires careful and constant attention to deal with these
security risks. There are advanced protection patches such as Suhosin and Hardening-Patch, especially
designed for web hosting environments.

Speed optimization

As with any interpreted language, PHP scripts are stored as human-readable source code
and are compiled on-the-fly by the PHP engine. In order to speed up execution time and not
have to compile the PHP source code every time the webpage is accessed, PHP scripts can also
be stored in binary format using PHP compilers such as phc and roadsend.

Code optimizers aim to reduce the runtime of the compiled code by reducing its size and
making other changes that can reduce the execution time with the goal of improving
performance. The nature of the PHP compiler is such that there are often opportunities for code
optimization, and an example of a code optimizer is the eAccelerator PHP extension.

Another approach for reducing overhead for high load PHP servers is using an Opcode
cache. Opcode caches work by caching the compiled form of a PHP script (opcodes) in shared
memory to avoid the overhead of parsing and compiling the code every time the script runs.

Resources

PHP includes free and open source libraries with the core build. PHP is a fundamentally
Internet-aware system with modules built in for accessing FTP servers, many database servers,
embedded SQL libraries such as embedded PostgreSQL, MySQL and SQLite, LDAP servers,
and others. Many functions familiar to C programmers such as those in the stdio family are
available in the standard PHP build.

PHP allows developers to write extensions in C to add functionality to the PHP language. These
can then be compiled into PHP or loaded dynamically at runtime. Extensions have been written to add
support for the Windows API, process management on Unix-like operating systems, multibyte strings
(Unicode), cURL, and several popular compression formats. Some more unusual features include
integration with Internet Relay Chat, dynamic generation of images and Adobe Flash content, and even
speech synthesis. The PHP Extension Community Library (PECL) project is a repository for extensions
to the PHP language.

MySQL

1. MySQL is a relational database management system (RDBMS) that runs as a server
providing multi-user access to a number of databases. MySQL is officially
pronounced (My S-Q-L), but often pronounced (My SeQueL).
2. The MySQL development project has made its source code available under the
terms of the GNU General Public License, as well as under a variety of
proprietary agreements. MySQL is owned and sponsored by a single for-profit
firm, the Swedish company MySQL AB, now owned by Sun Microsystems, a
subsidiary of Oracle Corporation.
3. Members of the MySQL community have created several forks such as Drizzle
and MariaDB. Both forks were in progress long before the Oracle.

Uses

Many web applications use MySQL as the database component of a LAMP software
stack. Its popularity for use with web applications is closely tied to the popularity of PHP, which
is often combined with MySQL.

Platforms and interfaces

MySQL code uses C and C++. The SQL parser uses yacc and a home-brewed lexer. It
works on many different system platforms, including AIX, BSDi, FreeBSD, HP-UX, i5/OS,
Linux, Mac OS X, NetBSD, Novell NetWare, OpenBSD, OpenSolaris, eComStation, OS/2
Warp, QNX, IRIX, Solaris, Symbian, SunOS, SCO OpenServer and Microsoft Windows. All
major programming languages with language-specific APIs include libraries for accessing
MySQL databases. In addition, an ODBC interface called MyODBC allows additional
programming languages that support the ODBC interface to communicate with a MySQL
database, such as ASP or ColdFusion. The MySQL server and official libraries are mostly
implemented in ANSI C and ANSI C++.

Database

A collection of programs that enables you to store, modify, and extract information from a
database. Information of the users gets stored in a relational database. The application works well with
MS Access as database; it also works well with MySQL, SQL Server 2000 and Oracle.

Data Manipulation Language (DML) is used to modify the data present in the database:

• SELECT - extracts data from a database table
• UPDATE - updates data in a database table
• DELETE - deletes data from a database table
• INSERT INTO - inserts new data into a database table

The Data Definition Language (DDL) is used to define the data:

• CREATE TABLE - creates a new database table
• ALTER TABLE - alters (changes) a database table
• DROP TABLE - deletes a database table
• CREATE INDEX - creates an index (search key)
• DROP INDEX - deletes an index

Official

The official MySQL Workbench is a free integrated environment developed by MySQL
AB that enables users to graphically administer MySQL databases and visually design database
structure. MySQL Workbench replaces the previous package of software, MySQL GUI Tools.
Similar to other third-party packages but still considered the authoritative MySQL frontend,
MySQL Workbench lets users manage the following:

• Database design & modeling
• SQL development, replacing MySQL Query Browser
• Database administration, replacing MySQL Administrator

In this project, MySQL is used as the backend database. MySQL is an open source database
management system. The features of MySQL are given below:

• MySQL is a relational database management system. A relational database stores information in
different tables, rather than in one giant table. These tables can be referenced to each other, to
access and maintain data easily.
• MySQL is an open source database system. The database software can be used and modified by
anyone according to their needs.
• It is fast, reliable and easy to use. To improve performance, MySQL is a multithreaded
database engine. A multithreaded application performs many tasks at the same time, as if multiple
instances of that application were running simultaneously.

In being multithreaded MySQL has many advantages. A separate thread handles each incoming
connection with an extra thread that is always running to manage the connections. Multiple clients can
perform read operations simultaneously, but while writing, only hold up another client that needs access
to the data being updated. Even though the threads share the same process space, they execute
individually and because of this separation, multiprocessor machines can spread the thread across many
CPUs as long as the host operating system supports multiple CPUs. Multithreading is the key feature to
support MySQL’s performance design goals. It is the core feature around which MySQL is built.

SOURCE CODE

<?php

// Buffer output so that the header() redirects below can still be sent.
ob_start();

define('ROOT_PATH', dirname(__FILE__));

// No configuration file yet: send the visitor to the installer.
if(!is_file(ROOT_PATH . '/lib/confs/Conf.php')) {
    header('Location: ./install.php');
    exit ();
}

session_start();

// No authenticated session: redirect to the login page and stop.
if(!isset($_SESSION['fname'])) {
    header("Location: ./login.php");
    exit();
}

// Logout: destroy the session, expire the cookie and return to the login page.
if(isset($_GET['ACT']) && $_GET['ACT']=='logout') {
    session_destroy();
    setcookie('Loggedin', '', time()-3600, '/');
    header("Location: ./login.php");
    exit();
}

// Module codes.
define('Admin', 'MOD001');
define('PIM', 'MOD002');
define('MT', 'MOD003');
define('Report', 'MOD004');
define('Leave', 'MOD005');
define('TimeM', 'MOD006');
define('Benefits', 'MOD007');
define('Recruit', 'MOD008');

// Start with no rights on any module.
$arrRights=array('add'=> false , 'edit'=> false , 'delete'=> false, 'view'=> false);

$arrAllRights=array(Admin => $arrRights,
    PIM => $arrRights,
    MT => $arrRights,
    Report => $arrRights,
    Leave => $arrRights,
    TimeM => $arrRights,
    Benefits => $arrRights,
    Recruit => $arrRights);

require_once ROOT_PATH . '/lib/models/maintenance/Rights.php';
require_once ROOT_PATH . '/lib/models/maintenance/UserGroups.php';
require_once ROOT_PATH . '/lib/common/CommonFunctions.php';
require_once ROOT_PATH . '/lib/common/Config.php';
require_once ROOT_PATH . '/lib/common/authorize.php';

$_SESSION['path'] = ROOT_PATH;

?>

<?php

/* Default modules */
if (!isset ($_GET['menu_no_top'])) {
    if ($_SESSION['isAdmin'] == 'Yes') {
        $_GET['menu_no_top'] = "hr";
    } else if ($_SESSION['isSupervisor']) {
        $_GET['menu_no_top'] = "ess";
    } else {
        $_GET['menu_no_top'] = "ess";
    }
}

/* For checking TimesheetPeriodStartDaySet status : Begins */
if (Config::getTimePeriodSet()) {
    $_SESSION['timePeriodSet'] = 'Yes';
} else {
    $_SESSION['timePeriodSet'] = 'No';
}
/* For checking TimesheetPeriodStartDaySet status : Ends */

if($_SESSION['isAdmin']=='Yes') {
    $rights = new Rights();

    // $arrRights=array('add'=> true , 'edit'=> true, 'delete'=> true, 'view'=> true);

    // Load the rights the admin's user group holds on each module.
    foreach ($arrAllRights as $moduleCode=>$currRights) {
        $arrAllRights[$moduleCode]=$rights->getRights($_SESSION['userGroup'], $moduleCode);
    }

    $ugroup = new UserGroups();
    $ugDet = $ugroup ->filterUserGroups($_SESSION['userGroup']);

    $arrRights['repDef'] = $ugDet[0][2] == '1' ? true : false;
} else {
    /* Assign supervisors edit and view rights to the PIM
     * They have PIM rights over their subordinates, but they cannot add/delete
     * employees. But they have add/delete rights in the employee details page.
     */
    if ($_SESSION['isSupervisor']) {
        $arrAllRights[PIM]=array('add'=> false , 'edit'=> true , 'delete'=> false, 'view'=> true);
    }

    /*
     * Assign Manager's access to recruitment module
     */
    if ($_SESSION['isManager'] || $_SESSION['isDirector'] || (isset($_SESSION['isAcceptor']) &&
        $_SESSION['isAcceptor']) || (isset($_SESSION['isOfferer']) && $_SESSION['isOfferer'])){
        $arrAllRights[Recruit]=array('add'=> false , 'edit'=> true , 'delete'=> false, 'view'=> true);
    }
}

// Select the rights for the module named by menu_no_top; any other value
// leaves $arrRights as it was set above.
switch ($_GET['menu_no_top']) {
    case "eim":
        $arrRights=$arrAllRights[Admin];
        break;
    case "hr" :
        $arrRights=$arrAllRights[PIM];
        break;
    case "mt" :
        $arrRights=$arrAllRights[MT];
        break;
    case "rep" :
        $arrRights=$arrAllRights[Report];
        break;
    case "leave" :
        $arrRights=$arrAllRights[Leave];
        break;
    case "time" :
        $arrRights=$arrAllRights[TimeM];
        break;
    case "recruit" :
        $arrRights=$arrAllRights[Recruit];
        break;
}

$_SESSION['localRights']=$arrRights;

$styleSheet = CommonFunctions::getTheme();

$authorizeObj = new authorize($_SESSION['empID'], $_SESSION['isAdmin']);

// Default leave home page
if ($authorizeObj->isAdmin()){
    $leaveHomePage = 'lib/controllers/CentralController.php?leavecode=Leave&action=Leave_FetchLeaveAdmin&NewQuery=1';
} else if ($authorizeObj->isSupervisor()) {
    if ($authorizeObj->isAdmin()){
        $leaveHomePage = 'lib/controllers/CentralController.php?leavecode=Leave&action=Leave_HomeSupervisor';
    } else {
        $leaveHomePage = 'lib/controllers/CentralController.php?leavecode=Leave&action=Leave_FetchLeaveSupervisor';
    }
} else if ($authorizeObj->isESS()) {
    $leaveHomePage = 'lib/controllers/CentralController.php?leavecode=Leave&action=Leave_Summary&id='.$_SESSION['empID'];
}

// Time module default pages
if (!$authorizeObj->isAdmin() && $authorizeObj->isESS()) {
    if ($_SESSION['timePeriodSet'] == 'Yes') {
        $timeHomePage = 'lib/controllers/CentralController.php?timecode=Time&action=View_Current_Timesheet';
    } else {
        $timeHomePage = 'lib/controllers/CentralController.php?timecode=Time&action=Work_Week_Edit_View';
    }
    $timesheetPage = 'javascript: location.href = \'' . $_SESSION['WPATH'] . '/lib/controllers/CentralController.php?timecode=Time&action=View_Current_Timesheet&clientTimezoneOffset=\' + escape((new Date()).getTimezoneOffset() * -1);';
} else {
    if ($_SESSION['timePeriodSet'] == 'Yes') {
        $timeHomePage = 'lib/controllers/CentralController.php?timecode=Time&action=View_Select_Employee';
    } else {
        $timeHomePage = 'lib/controllers/CentralController.php?timecode=Time&action=Work_Week_Edit_View';
    }
    $timesheetPage = 'lib/controllers/CentralController.php?timecode=Time&action=View_Select_Employee';
}

/* Attendance Default Page */
if ($authorizeObj->isAdmin()) {
    $attendanceDefault = 'lib/controllers/CentralController.php?timecode=Time&action=Show_Employee_Report';
} else {
    $attendanceDefault = 'lib/controllers/CentralController.php?timecode=Time&action=Show_My_Report';
}

if (!$authorizeObj->isAdmin() && $authorizeObj->isESS()) {
    $beneftisHomePage = 'lib/controllers/CentralController.php?benefitcode=Benefits&action=Benefits_Schedule_Select_Year';
    $empId = $_SESSION['empID'];
    $year = date('Y');
    $personalHspSummary = "lib/controllers/CentralController.php?benefitcode=Benefits&action=Search_Hsp_Summary&empId=$empId&year=$year";
} else {
    $beneftisHomePage = 'lib/controllers/CentralController.php?benefitcode=Benefits&action=Benefits_Schedule_Select_Year';
    $personalHspSummary = 'lib/controllers/CentralController.php?benefitcode=Benefits&action=Hsp_Summary_Select_Year_Employee_Admin';
}

if ($authorizeObj->isESS()) {
    if ($_SESSION['timePeriodSet'] == 'Yes') {
        $timeHomePage = 'lib/controllers/CentralController.php?timecode=Time&action=Show_Punch_View';
    } else {
        $timeHomePage = 'lib/controllers/CentralController.php?timecode=Time&action=Work_Week_Edit_View';
    }
}

if ($authorizeObj->isAdmin()) {
    $recruitHomePage = 'lib/controllers/CentralController.php?recruitcode=Vacancy&action=List';
} else if ($authorizeObj->isManager() || $authorizeObj->isDirector() || $authorizeObj->isAcceptor() || $authorizeObj->isOfferer()) {
    $recruitHomePage = 'lib/controllers/CentralController.php?recruitcode=Application&action=List';
}

// Default page in admin module is the Company general info page.
$defaultAdminView = "GEN";
$allowAdminView = false;

if ($_SESSION['isAdmin']=='No') {
    if($_SESSION['isProjectAdmin']) {
        // Default page for project admins is the Project Activity page
        $defaultAdminView = "PAC";

        // Allow project admins to view PAC (Project Activity) page only (in the admin module)
        // If uniqcode is not set, the default view is Project activity
        if ((!isset($_GET['uniqcode'])) || ($_GET['uniqcode'] == 'PAC')) {
            $allowAdminView = true;
        }
    }

    if($_SESSION['isSupervisor']) {
        // Default page for supervisors is the Company property page
        $defaultAdminView = "TCP";

        // Allow supervisors to view TCP (Company property) page only (in the admin module)
        // If uniqcode is not set, the default view is Company Property
        if ((!isset($_GET['uniqcode'])) || ($_GET['uniqcode'] == 'TCP')) {
            $allowAdminView = true;
        }
    }
}

require_once ROOT_PATH . '/lib/common/Language.php';

require_once ROOT_PATH . '/lib/common/menu/MenuItem.php';

$lan = new Language();

require_once ROOT_PATH . '/language/default/lang_default_full.php';

require_once($lan->getLangPath("full.php"));

require_once ROOT_PATH . '/themes/' . $styleSheet . '/menu/Menu.php';

$menuObj = new Menu();

/* Create menu items */

/* TODO: Extract to separate class */

$menu = array();

/* View for Admin users */
if ($_SESSION['isAdmin']=='Yes' || $arrAllRights[Admin]['view']) {
    $menuItem = new MenuItem("admin", $lang_Menu_Admin, "./index.php?menu_no_top=eim");
    $menuItem->setCurrent($_GET['menu_no_top']=="eim");

    $sub = new MenuItem("companyinfo", $lang_Menu_Admin_CompanyInfo, "#");
    $subsubs[] = new MenuItem("companyinfo", $lang_Menu_Admin_CompanyInfo_Gen, "index.php?uniqcode=GEN&menu_no_top=eim");
    $subsubs[] = new MenuItem("companyinfo", $lang_Menu_Admin_CompanyInfo_Locations, "index.php?uniqcode=LOC&menu_no_top=eim");
    $subsubs[] = new MenuItem("companyinfo", $lang_Menu_Admin_CompanyInfo_CompStruct, "index.php?uniqcode=CST&menu_no_top=eim");
    $subsubs[] = new MenuItem("companyproperty",$lang_Menu_Admin_Company_Property, "index.php?uniqcode=TCP&menu_no_top=eim&pageNo=1");
    $sub->setSubMenuItems($subsubs);
    $subs = array();
    $subs[] = $sub;

    $sub = new MenuItem("job", $lang_Menu_Admin_Job, "#");
    $subsubs = array();
    $subsubs[] = new MenuItem("job", $lang_Menu_Admin_Job_JobTitles, "index.php?uniqcode=JOB&menu_no_top=eim");
    $subsubs[] = new MenuItem("job", $lang_Menu_Admin_Job_JobSpecs, "index.php?uniqcode=SPC&menu_no_top=eim");
    $subsubs[] = new MenuItem("job", $lang_Menu_Admin_Job_PayGrades, "index.php?uniqcode=SGR&menu_no_top=eim");
    $subsubs[] = new MenuItem("job", $lang_Menu_Admin_Job_EmpStatus, "index.php?uniqcode=EST&menu_no_top=eim");
    $subsubs[] = new MenuItem("job", $lang_Menu_Admin_Job_EEO, "index.php?uniqcode=EEC&menu_no_top=eim");
    $sub->setSubMenuItems($subsubs);
    $subs[] = $sub;

    $sub = new MenuItem("qualifications",$lang_Menu_Admin_Quali, "#");
    $subsubs = array();
    $subsubs[] = new MenuItem("qualifications", $lang_Menu_Admin_Quali_Education, "index.php?uniqcode=EDU&menu_no_top=eim");
    $subsubs[] = new MenuItem("qualifications", $lang_Menu_Admin_Quali_Licenses, "index.php?uniqcode=LIC&menu_no_top=eim");
    $sub->setSubMenuItems($subsubs);
    $subs[] = $sub;

    $sub = new MenuItem("skills",$lang_Menu_Admin_Skills, "#");
    $subsubs = array();
    $subsubs[] = new MenuItem("skills", $lang_Menu_Admin_Skills_Skills, "index.php?uniqcode=SKI&menu_no_top=eim");
    $subsubs[] = new MenuItem("skills", $lang_Menu_Admin_Skills_Languages, "index.php?uniqcode=LAN&menu_no_top=eim");
    $sub->setSubMenuItems($subsubs);
    $subs[] = $sub;

    $sub = new MenuItem("memberships",$lang_Menu_Admin_Memberships, "#");
    $subsubs = array();
    $subsubs[] = new MenuItem("memberships", $lang_Menu_Admin_Memberships_MembershipTypes, "index.php?uniqcode=MEM&menu_no_top=eim");
    $subsubs[] = new MenuItem("memberships",$lang_Menu_Admin_Memberships_Memberships, "index.php?uniqcode=MME&menu_no_top=eim");
    $sub->setSubMenuItems($subsubs);
    $subs[] = $sub;

    $sub = new MenuItem("natandrace",$lang_Menu_Admin_NationalityNRace, "#");
    $subsubs = array();
    $subsubs[] = new MenuItem("natandrace",$lang_Menu_Admin_NationalityNRace_Nationality, "index.php?uniqcode=NAT&menu_no_top=eim");
    $subsubs[] = new MenuItem("natandrace",$lang_Menu_Admin_NationalityNRace_EthnicRaces, "index.php?uniqcode=ETH&menu_no_top=eim");
    $sub->setSubMenuItems($subsubs);
    $subs[] = $sub;

    $sub = new MenuItem("users",$lang_Menu_Admin_Users, "#");
    $subsubs = array();
    $subsubs[] = new MenuItem("users",$lang_Menu_Admin_Users_HRAdmin, "index.php?uniqcode=USR&menu_no_top=eim&isAdmin=Yes");
    $subsubs[] = new MenuItem("users",$lang_Menu_Admin_Users_ESS, "index.php?uniqcode=USR&menu_no_top=eim&isAdmin=No");
    $subsubs[] = new MenuItem("users",$lang_Menu_Admin_Users_UserGroups, "index.php?uniqcode=USG&menu_no_top=eim");
    $sub->setSubMenuItems($subsubs);
    $subs[] = $sub;

    $sub = new MenuItem("email",$lang_Menu_Admin_EmailNotifications, "#");
    $subsubs = array();
    $subsubs[] = new MenuItem("email",$lang_Menu_Admin_EmailConfiguration, "index.php?uniqcode=EMX&menu_no_top=eim" );
    $subsubs[] = new MenuItem("email",$lang_Menu_Admin_EmailSubscribe, "index.php?uniqcode=ENS&menu_no_top=eim" );
    $sub->setSubMenuItems($subsubs);
    $subs[] = $sub;

    $sub = new MenuItem("project",$lang_Menu_Admin_ProjectInfo, "#");
    $subsubs = array();
    $subsubs[] = new MenuItem("project",$lang_Menu_Admin_Customers, "index.php?uniqcode=CUS&menu_no_top=eim" );
    $subsubs[] = new MenuItem("project",$lang_Menu_Admin_Projects, "index.php?uniqcode=PRJ&menu_no_top=eim" );
    $subsubs[] = new MenuItem("project",$lang_Admin_ProjectActivities, "index.php?uniqcode=PAC&menu_no_top=eim" );
    $sub->setSubMenuItems($subsubs);
    $subs[] = $sub;

    $sub = new MenuItem("importexport",$lang_Menu_Admin_DataImportExport, "#");
    $subsubs = array();
    $subsubs[] = new MenuItem("importexport",$lang_Menu_Admin_DataExportDefine, "index.php?uniqcode=CEX&menu_no_top=eim" );
    $subsubs[] = new MenuItem("importexport",$lang_Menu_Admin_DataExport, "index.php?uniqcode=CSE&menu_no_top=eim" );
    $subsubs[] = new MenuItem("importexport",$lang_Menu_Admin_DataImportDefine, "index.php?uniqcode=CIM&menu_no_top=eim" );
    $subsubs[] = new MenuItem("importexport",$lang_Menu_Admin_DataImport, "index.php?uniqcode=IMP&menu_no_top=eim" );
    $sub->setSubMenuItems($subsubs);
    $subs[] = $sub;

    $sub = new MenuItem("customfields",$lang_Menu_Admin_CustomFields, "index.php?uniqcode=CTM&menu_no_top=eim");
    $subs[] = $sub;

    if ($_SESSION['ldap'] == "enabled") {
        $subs[] = new MenuItem("ldap", $lang_Menu_LDAP_Configuration, "index.php?uniqcode=LDAP&menu_no_top=eim");
    }

    $menuItem->setSubMenuItems($subs);
    $menu[] = $menuItem;

} else if ($_SESSION['isProjectAdmin'] && !$_SESSION['isSupervisor']) {
    $menuItem = new MenuItem("admin", $lang_Menu_Admin, "index.php?uniqcode=PAC&menu_no_top=eim");
    $menuItem->setCurrent($_GET['menu_no_top']=="eim");
    $subs[] = new MenuItem("project",$lang_Admin_ProjectActivities, "index.php?uniqcode=PAC&menu_no_top=eim");
    $menuItem->setSubMenuItems($subs);
    $menu[] = $menuItem;
} else if ($_SESSION['isSupervisor'] && !$_SESSION['isProjectAdmin']) {
    $menuItem = new MenuItem("admin", $lang_Menu_Admin, "index.php?uniqcode=TCP&menu_no_top=eim&pageNo=1");
    $menuItem->setCurrent($_GET['menu_no_top']=="eim");
    $subs[] = new MenuItem("companyproperty",$lang_Menu_Admin_Company_Property, "index.php?uniqcode=TCP&menu_no_top=eim&pageNo=1");
    $menuItem->setSubMenuItems($subs);
    $menu[] = $menuItem;
} else if ($_SESSION['isSupervisor'] && $_SESSION['isProjectAdmin']) {
    $menuItem = new MenuItem("admin", $lang_Menu_Admin, "index.php?uniqcode=TCP&menu_no_top=eim&pageNo=1");
    $menuItem->setCurrent($_GET['menu_no_top']=="eim");
    $subs[] = new MenuItem("companyproperty",$lang_Menu_Admin_Company_Property, "index.php?uniqcode=TCP&menu_no_top=eim&pageNo=1");
    $subs[] = new MenuItem("project",$lang_Admin_ProjectActivities, "index.php?uniqcode=PAC&menu_no_top=eim");
    $menuItem->setSubMenuItems($subs);
    $menu[] = $menuItem;
}

define('PIM_MENU_TYPE', 'left');

$_SESSION['PIM_MENU_TYPE'] = PIM_MENU_TYPE;

/* PIM menu start */
if ( ($_SESSION['isAdmin']=='Yes' || $_SESSION['isSupervisor']) && $arrAllRights[PIM]['view']) {
    $menuItem = new MenuItem("pim", $lang_Menu_Pim ,"./index.php?menu_no_top=hr");
    $menuItem->setCurrent($_GET['menu_no_top']=="hr");

    $enablePimMenu = false;
    if ((isset($_GET['menu_no_top'])) && ($_GET['menu_no_top']=="hr") && isset($_GET['reqcode']) && $arrRights['view'] ) {
        $enablePimMenu = true;
    }

    $subs = array();
    $subs[] = new MenuItem("emplist", $lang_pim_EmployeeList, "./lib/controllers/CentralController.php?reqcode=EMP&VIEW=MAIN&sortField=0&sortOrder0=ASC");

    if ($arrAllRights[PIM]['add']) {
        $subs[] = new MenuItem("empadd", $lang_pim_AddEmployee, "./lib/controllers/CentralController.php?reqcode=EMP&capturemode=addmode");
    }

    if (PIM_MENU_TYPE == 'dropdown') {
        $sub = new MenuItem("personal",$lang_pim_tabs_Personal, "#", null, $enablePimMenu);
        $subsubs = array();
        $subsubs[] = new MenuItem("personal", $lang_pim_PersonalDetails, "javascript:parent.rightMenu.displayLayer(1)", null, $enablePimMenu);
        $subsubs[] = new MenuItem("personal",$lang_pim_tabs_Contact, "javascript:parent.rightMenu.displayLayer(4)", null, $enablePimMenu);
        $subsubs[] = new MenuItem("personal",$lang_pim_tabs_EmergencyContacts, "javascript:parent.rightMenu.displayLayer(5)", null, $enablePimMenu);
        $subsubs[] = new MenuItem("personal",$lang_pim_tabs_Dependents, "javascript:parent.rightMenu.displayLayer(3)", null, $enablePimMenu);
        $subsubs[] = new MenuItem("personal",$lang_pim_tabs_Immigration, "javascript:parent.rightMenu.displayLayer(10)", null, $enablePimMenu);
        $sub->setSubMenuItems($subsubs);
        $subs[] = $sub;

        $sub = new MenuItem("employment",$lang_pim_Employment, "#", null, $enablePimMenu);
        $subsubs = array();
        $subsubs[] = new MenuItem("employment",$lang_pim_tabs_Job, "javascript:parent.rightMenu.displayLayer(2)", null, $enablePimMenu);
        $subsubs[] = new MenuItem("employment",$lang_pim_tabs_Payments, "javascript:parent.rightMenu.displayLayer(14)", null, $enablePimMenu);
        $subsubs[] = new MenuItem("employment",$lang_pim_tabs_Tax, "javascript:parent.rightMenu.displayLayer(18)", null, $enablePimMenu);
        $subsubs[] = new MenuItem("employment",$lang_pim_tabs_DirectDebit, "javascript:parent.rightMenu.displayLayer(19)", null, $enablePimMenu);
        $subsubs[] = new MenuItem("employment",$lang_pim_tabs_ReportTo, "javascript:parent.rightMenu.displayLayer(15)", null, $enablePimMenu);
        $sub->setSubMenuItems($subsubs);
        $subs[] = $sub;

        $sub = new MenuItem("pimqualifications", $lang_pim_Qualifications, "#", null, $enablePimMenu);
        $subsubs = array();
        $subsubs[] = new MenuItem("pimqualifications",$lang_pim_tabs_WorkExperience, "javascript:parent.rightMenu.displayLayer(17)", null, $enablePimMenu);
        $subsubs[] = new MenuItem("pimqualifications",$lang_pim_tabs_Education, "javascript:parent.rightMenu.displayLayer(9)", null, $enablePimMenu);
        $subsubs[] = new MenuItem("pimqualifications",$lang_pim_tabs_Skills, "javascript:parent.rightMenu.displayLayer(16)", null, $enablePimMenu);
        $subsubs[] = new MenuItem("pimqualifications",$lang_pim_tabs_Languages, "javascript:parent.rightMenu.displayLayer(11)", null, $enablePimMenu);
        $subsubs[] = new MenuItem("pimqualifications",$lang_pim_tabs_License, "javascript:parent.rightMenu.displayLayer(12)", null, $enablePimMenu);
        $sub->setSubMenuItems($subsubs);
        $subs[] = $sub;

        $subs[] = new MenuItem("pimmemberships",$lang_pim_tabs_Membership, "javascript:parent.rightMenu.displayLayer(13)", null, $enablePimMenu);
        $subs[] = new MenuItem("attachments",$lang_pim_tabs_Attachments, "javascript:parent.rightMenu.displayLayer(6)", null, $enablePimMenu);
        $subs[] = new MenuItem("custom",$lang_pim_tabs_Custom, "javascript:parent.rightMenu.displayLayer(20)", null, $enablePimMenu);
    } else if (PIM_MENU_TYPE == 'mixed') {
        $subs[] = new MenuItem("personal",$lang_pim_tabs_Personal, "javascript:parent.rightMenu.displayLayer(1)", null, $enablePimMenu);
        $subs[] = new MenuItem("employment",$lang_pim_Employment, "javascript:parent.rightMenu.displayLayer(2)", null, $enablePimMenu);
        $subs[] = new MenuItem("pimqualifications", $lang_pim_Qualifications, "javascript:parent.rightMenu.displayLayer(17)", null, $enablePimMenu);
        $subs[] = new MenuItem("pimmemberships",$lang_pim_tabs_Membership, "javascript:parent.rightMenu.displayLayer(13)", null, $enablePimMenu);
        $subs[] = new MenuItem("attachments",$lang_pim_tabs_Attachments, "javascript:parent.rightMenu.displayLayer(6)", null, $enablePimMenu);
        $subs[] = new MenuItem("custom",$lang_pim_tabs_Custom, "javascript:parent.rightMenu.displayLayer(20)", null, $enablePimMenu);
    }

    $menuItem->setSubMenuItems($subs);
    $menu[] = $menuItem;
}

/* Start leave menu */
if (($_SESSION['empID'] != null) || $arrAllRights[Leave]['view']) {
    $menuItem = new MenuItem("leave", $lang_Menu_Leave ,"./index.php?menu_no_top=leave");
    $menuItem->setCurrent($_GET['menu_no_top']=="leave");

    $subs = array();
    $subsubs = array();

    $allowedRoles = array($authorizeObj->roleAdmin, $authorizeObj->roleSupervisor);

    if ($authorizeObj->firstRole($allowedRoles)) {
        $sub = new MenuItem("leavesummary", $lang_Menu_Leave_LeaveSummary, "#");

        if ($authorizeObj->isESS()) {
            $subsubs[] = new MenuItem("leavesummary", $lang_Menu_Leave_PersonalLeaveSummary, "lib/controllers/CentralController.php?leavecode=Leave&action=Leave_Summary&id={$_SESSION['empID']}");
        }

        if ($arrAllRights[Leave]['view'] || $authorizeObj->isSupervisor()) {
            $subsubs[] = new MenuItem("leavesummary", $lang_Menu_Leave_EmployeeLeaveSummary, "lib/controllers/CentralController.php?leavecode=Leave&action=Leave_Select_Employee_Leave_Summary");
        }

        $sub->setSubMenuItems($subsubs);
    } else if ($authorizeObj->isESS()) {
        $sub = new MenuItem("leavesummary", $lang_Menu_Leave_LeaveSummary, "lib/controllers/CentralController.php?leavecode=Leave&action=Leave_Summary&id={$_SESSION['empID']}");
    }

    $subs[] = $sub;

    if ($authorizeObj->isAdmin() && $arrAllRights[Leave]['view']) {
        $sub = new MenuItem("daysoff", $lang_Menu_Leave_DefineDaysOff, "#");
        $subsubs = array();
        $subsubs[] = new MenuItem("daysoff",$lang_Menu_Leave_DefineDaysOff_Weekends, "lib/controllers/CentralController.php?leavecode=Leave&action=Holiday_Weekend_List");
        $subsubs[] = new MenuItem("daysoff", $lang_Menu_Leave_DefineDaysOff_SpecificHolidays, "lib/controllers/CentralController.php?leavecode=Leave&action=Holiday_Specific_List");
        $sub->setSubMenuItems($subsubs);
        $subs[] = $sub;

        $subs[] = new MenuItem("leavetypes",$lang_Menu_Leave_LeaveTypes , "lib/controllers/CentralController.php?leavecode=Leave&action=Leave_Type_Summary");
    }

    if ($authorizeObj->isESS()) {
        $subs[] = new MenuItem("leavelist", $lang_Menu_Leave_MyLeave, "lib/controllers/CentralController.php?leavecode=Leave&action=Leave_FetchLeaveEmployee");
        $subs[] = new MenuItem("applyLeave", $lang_Menu_Leave_Apply, "lib/controllers/CentralController.php?leavecode=Leave&action=Leave_Apply_view");
    }

    if (($authorizeObj->isAdmin() && $arrAllRights[Leave]['add']) || $authorizeObj->isSupervisor()) {
        $subs[] = new MenuItem("assignleave",$lang_Menu_Leave_Assign, "lib/controllers/CentralController.php?leavecode=Leave&action=Leave_Apply_Admin_view");
    }

    if ($authorizeObj->isSupervisor() && !$authorizeObj->isAdmin()) {
        $subs[] = new MenuItem("leavelist", $lang_Leave_all_emplyee_leaves, "lib/controllers/CentralController.php?leavecode=Leave&action=Leave_FetchLeaveSupervisor");
    }

    if ($authorizeObj->isAdmin() && $arrAllRights[Leave]['view']) {
        $subs[] = new MenuItem("leavelist",$lang_Leave_all_emplyee_leaves, "lib/controllers/CentralController.php?leavecode=Leave&action=Leave_FetchLeaveAdmin&NewQuery=1");
    }

    $menuItem->setSubMenuItems($subs);
    $menu[] = $menuItem;
}
/* Start time menu */
if (($_SESSION['empID'] != null) || $arrAllRights[TimeM]['view']) {
    $menuItem = new MenuItem("time", $lang_Menu_Time ,"./index.php?menu_no_top=time");
    $menuItem->setCurrent($_GET['menu_no_top']=="time");

    /* Only show rest of menu if time period set */
    if ($_SESSION['timePeriodSet'] == "Yes") {
        $subs = array();

        $sub = new MenuItem("timesheets", $lang_Menu_Time_Timesheets, $timesheetPage);

        if ($authorizeObj->isAdmin() || $authorizeObj->isSupervisor()) {
            $subsubs = array();

            if ($authorizeObj->isESS()) {
                $timesheetLink = 'javascript: location.href = \'' . $_SESSION['WPATH'] . '/lib/controllers/CentralController.php?timecode=Time&action=View_Current_Timesheet&clientTimezoneOffset=\' + escape((new Date()).getTimezoneOffset() * -1);';
                $subsubs[] = new MenuItem("timesheets", $lang_Menu_Time_PersonalTimesheet, $timesheetLink);
            }

            if (($authorizeObj->isAdmin() && $arrAllRights[TimeM]['view']) || $authorizeObj->isSupervisor()) {
                $subsubs[] = new MenuItem("timesheets", $lang_Menu_Time_PrintTimesheets , "lib/controllers/CentralController.php?timecode=Time&action=Select_Timesheets_View");
                $subsubs[] = new MenuItem("timesheets", $lang_Menu_Time_EmployeeTimesheets , "lib/controllers/CentralController.php?timecode=Time&action=View_Select_Employee");
            }

            $sub->setSubMenuItems($subsubs);
        }

        $subs[] = $sub;

        /* Attendance Menu Items: Begin */
        $attendance = new MenuItem("timesheets", $lang_Time_Menu_Attendacne, $attendanceDefault);
        $attsubs = array();

        if ($authorizeObj->isESS()) {
            $attsubs[] = new MenuItem("timesheets", $lang_Time_Menu_PunchInOut, "lib/controllers/CentralController.php?timecode=Time&action=Show_Punch_View");
            $attsubs[] = new MenuItem("projectTime", $lang_Time_Menu_MyReports, "lib/controllers/CentralController.php?timecode=Time&action=Show_My_Report");
        }

        if (($authorizeObj->isAdmin() && $arrAllRights[TimeM]['view']) || $authorizeObj->isSupervisor()) {
            $attsubs[] = new MenuItem("projectTime", $lang_Time_Menu_EmployeeReports, "lib/controllers/CentralController.php?timecode=Time&action=Show_Employee_Report");
        }

        if ($authorizeObj->isAdmin() && $arrAllRights[TimeM]['edit']) {
            $attsubs[] = new MenuItem("projectTime", $lang_Time_Menu_AttendanceConfiguration, "lib/controllers/CentralController.php?timecode=Time&action=Show_Attendance_Config");
        }

        $attendance->setSubMenuItems($attsubs);
        $subs[] = $attendance;
        /* Attendance Menu Items: End */

        /*if ($authorizeObj->isESS()) {
            $subs[] = new MenuItem("projectTime", $lang_Menu_Time_ProjectTime, "lib/controllers/CentralController.php?timecode=Time&action=Time_Event_Home");
        }*/

        $allowedRoles = array($authorizeObj->roleAdmin, $authorizeObj->roleSupervisor);

        if ($authorizeObj->firstRole($allowedRoles) && $arrAllRights[TimeM]['view']) {
            $subs[] = new MenuItem("employeereports", $lang_Menu_Time_EmployeeReports , "lib/controllers/CentralController.php?timecode=Time&action=Employee_Report_Define");
        }

        // && $arrAllRights[TimeM]['view'] - was removed from the condition so that project admins can see the menu
        if ((($_SESSION['isAdmin']=='Yes') || $_SESSION['isProjectAdmin'])) {
            $subs[] = new MenuItem("projectreports",$lang_Menu_Time_ProjectReports, "lib/controllers/CentralController.php?timecode=Time&action=Project_Report_Define");
        }

        if ($_SESSION['isAdmin']=='Yes' && $arrAllRights[TimeM]['view']) {
            $subs[] = new MenuItem("workshifts", $lang_Menu_Time_WorkShifts, "lib/controllers/CentralController.php?timecode=Time&action=View_Work_Shifts");
        }

        $menuItem->setSubMenuItems($subs);
    }

    $menu[] = $menuItem;
}

/* Start benefits menu */
if (($_SESSION['empID'] != null) || $arrAllRights[Benefits]['view']) {
    $menuItem = new MenuItem("benefits",$lang_Menu_Benefits ,"./index.php?menu_no_top=benefits");
    $menuItem->setCurrent($_GET['menu_no_top']=="benefits");

    $subs = array();

    /* TODO: clean up this part based on requirements */
    if ($_SESSION['isAdmin'] == "Yes" && $arrAllRights[Benefits]['view']) {
        $yearVal = date('Y');

        $sub = new MenuItem("hsp",$lang_Menu_Benefits_HealthSavingsPlan , "lib/controllers/CentralController.php?benefitcode=Benefits&action=Hsp_Summary&year={$yearVal}");
        $subsubs = array();
        $subsubs[] = new MenuItem("hsp",$lang_Menu_Benefits_Define_Health_savings_plans , "lib/controllers/CentralController.php?benefitcode=Benefits&action=Define_Health_Savings_Plans");
        $subsubs[] = new MenuItem("hsp",$lang_Menu_Benefits_EmployeeHspSummary , "lib/controllers/CentralController.php?benefitcode=Benefits&action=Hsp_Summary&year={$yearVal}");
        $subsubs[] = new MenuItem("hsp",$lang_Benefits_HspPaymentsDue , "lib/controllers/CentralController.php?benefitcode=Benefits&action=List_Hsp_Due");
        $subsubs[] = new MenuItem("hsp",$lang_Benefits_HspExpenditures , "lib/controllers/CentralController.php?benefitcode=Benefits&action=Hsp_Expenditures_Select_Year_And_Employee");
        $subsubs[] = new MenuItem("hsp",$lang_Benefits_HspUsed , "lib/controllers/CentralController.php?benefitcode=Benefits&action=Hsp_Used_Select_Year&year={$yearVal}");
        $sub->setSubMenuItems($subsubs);
        $subs[] = $sub;
    } else {
        if (Config::getHspCurrentPlan() > 0) {
            $sub = new MenuItem("hsp", $lang_Menu_Benefits_HealthSavingsPlan, $personalHspSummary);
        } else {
            $sub = new MenuItem("hsp", $lang_Menu_Benefits_HealthSavingsPlan, "lib/controllers/CentralController.php?benefitcode=Benefits&action=Hsp_Not_Defined");
        }

        $subsubs = array();

        if ($authorizeObj->isESS()) {
            $yearVal = date('Y');
            $subsubs[] = new MenuItem("hsp", $lang_Benefits_HspExpenditures, "lib/controllers/CentralController.php?benefitcode=Benefits&action=Hsp_Expenditures&year={$yearVal}&employeeId={$_SESSION['empID']}");

            if (Config::getHspCurrentPlan() > 0) { // Show only when Admin has defined a HSP plan
                $subsubs[] = new MenuItem("hsp", $lang_Benefits_HspRequest, "lib/controllers/CentralController.php?benefitcode=Benefits&action=Hsp_Request_Add_View");
            }

            $subsubs[] = new MenuItem("hsp", $lang_Menu_Benefits_PersonalHspSummary, $personalHspSummary);
        }

        $sub->setSubMenuItems($subsubs);
        $subs[] = $sub;
    }

    if ($_SESSION['isAdmin'] == "Yes" && $arrAllRights[Benefits]['view']) {
        $sub = new MenuItem("payrollschedule",$lang_Menu_Benefits_PayrollSchedule , "lib/controllers/CentralController.php?benefitcode=Benefits&action=Benefits_Schedule_Select_Year");
        $subsubs = array();
        $subsubs[] = new MenuItem("payrollschedule",$lang_Benefits_ViewPayrollSchedule , "lib/controllers/CentralController.php?benefitcode=Benefits&action=Benefits_Schedule_Select_Year");

        if ($arrAllRights[Benefits]['add']) {
            $subsubs[] = new MenuItem("payrollschedule",$lang_Benefits_AddPayPeriod , "lib/controllers/CentralController.php?benefitcode=Benefits&action=View_Add_Pay_Period");
        }

        $sub->setSubMenuItems($subsubs);
        $subs[] = $sub;
    }

    $menuItem->setSubMenuItems($subs);
    $menu[] = $menuItem;
}

/* Start recruitment menu */
if ($arrAllRights[Recruit]['view']) {
    $menuItem = new MenuItem("recruit", $lang_Menu_Recruit ,"./index.php?menu_no_top=recruit");
    $menuItem->setCurrent($_GET['menu_no_top']=="recruit");

    $subs = array();

    if ($_SESSION['isAdmin']=='Yes') {
        $subs[] = new MenuItem("vacancies",$lang_Menu_Recruit_JobVacancies , "lib/controllers/CentralController.php?recruitcode=Vacancy&action=List");
    }

    if ($_SESSION['isAdmin']=='Yes' || $_SESSION['isManager'] || $_SESSION['isDirector'] || $_SESSION['isAcceptor'] || $_SESSION['isOfferer']) {
        $subs[] = new MenuItem("applications",$lang_Menu_Recruit_JobApplicants , "lib/controllers/CentralController.php?recruitcode=Application&action=List");
    }

    $menuItem->setSubMenuItems($subs);
    $menu[] = $menuItem;
}

/* Start reports menu */
if ($_SESSION['isAdmin']=='Yes' && $arrAllRights[Report]['view']) {
    $menuItem = new MenuItem("report", $lang_Menu_Reports ,"./index.php?menu_no_top=rep");
    $menuItem->setCurrent($_GET['menu_no_top']=="rep");

    $subs = array();
    $subs[] = new MenuItem("viewreports",$lang_Menu_Reports_ViewReports , "index.php?repcode=EMPVIEW&menu_no_top=rep");

    if ($arrAllRights[Report]['add'] || $arrAllRights[Report]['edit'] || $arrAllRights[Report]['delete']) {
        $subs[] = new MenuItem("definereports",$lang_Menu_Reports_DefineReports , "index.php?repcode=EMPDEF&menu_no_top=rep");
    }

    $menuItem->setSubMenuItems($subs);
    $menu[] = $menuItem;
}

/* Start ESS menu */
if ($_SESSION['isAdmin']!='Yes') {
    $menuItem = new MenuItem("ess", $lang_Menu_Ess ,"./index.php?menu_no_top=ess");
    $menuItem->setCurrent($_GET['menu_no_top']=="ess");

    $enableEssMenu = false;
    if ($_GET['menu_no_top']=="ess") {
        $enableEssMenu = true;
    }

    $subs = array();

    if (PIM_MENU_TYPE == 'dropdown') {
        $sub = new MenuItem("personal",$lang_pim_tabs_Personal, "#", null, $enableEssMenu);
        $subsubs = array();
        $subsubs[] = new MenuItem("personal", $lang_pim_PersonalDetails, "javascript:parent.rightMenu.displayLayer(1)", null, $enableEssMenu);
        $subsubs[] = new MenuItem("personal",$lang_pim_tabs_Contact, "javascript:parent.rightMenu.displayLayer(4)", null, $enableEssMenu);
        $subsubs[] = new MenuItem("personal",$lang_pim_tabs_EmergencyContacts, "javascript:parent.rightMenu.displayLayer(5)", null, $enableEssMenu);
        $subsubs[] = new MenuItem("personal",$lang_pim_tabs_Dependents, "javascript:parent.rightMenu.displayLayer(3)", null, $enableEssMenu);
        $subsubs[] = new MenuItem("personal",$lang_pim_tabs_Immigration, "javascript:parent.rightMenu.displayLayer(10)", null, $enableEssMenu);
        $sub->setSubMenuItems($subsubs);
        $subs[] = $sub;

        $sub = new MenuItem("employment", $lang_pim_Employment, "#", null, $enableEssMenu);
        $subsubs = array();
        $subsubs[] = new MenuItem("employment",$lang_pim_tabs_Job, "javascript:parent.rightMenu.displayLayer(2)", null, $enableEssMenu);
        $subsubs[] = new MenuItem("employment",$lang_pim_tabs_Payments, "javascript:parent.rightMenu.displayLayer(14)", null, $enableEssMenu);
        $subsubs[] = new MenuItem("employment",$lang_pim_tabs_Tax, "javascript:parent.rightMenu.displayLayer(18)", null, $enableEssMenu);
        $subsubs[] = new MenuItem("employment",$lang_pim_tabs_DirectDebit, "javascript:parent.rightMenu.displayLayer(19)", null, $enableEssMenu);
        $subsubs[] = new MenuItem("employment",$lang_pim_tabs_ReportTo, "javascript:parent.rightMenu.displayLayer(15)", null, $enableEssMenu);
        $sub->setSubMenuItems($subsubs);
        $subs[] = $sub;

        $sub = new MenuItem("pimqualifications", $lang_pim_Qualifications, "#", null, $enableEssMenu);
        $subsubs = array();
        $subsubs[] = new MenuItem("pimqualifications",$lang_pim_tabs_WorkExperience, "javascript:parent.rightMenu.displayLayer(17)", null, $enableEssMenu);
        $subsubs[] = new MenuItem("pimqualifications",$lang_pim_tabs_Education, "javascript:parent.rightMenu.displayLayer(9)", null, $enableEssMenu);
        $subsubs[] = new MenuItem("pimqualifications",$lang_pim_tabs_Skills, "javascript:parent.rightMenu.displayLayer(16)", null, $enableEssMenu);
        $subsubs[] = new MenuItem("pimqualifications",$lang_pim_tabs_Languages, "javascript:parent.rightMenu.displayLayer(11)", null, $enableEssMenu);
        $subsubs[] = new MenuItem("pimqualifications",$lang_pim_tabs_License, "javascript:parent.rightMenu.displayLayer(12)", null, $enableEssMenu);
        $sub->setSubMenuItems($subsubs);
        $subs[] = $sub;

        $subs[] = new MenuItem("pimmemberships",$lang_pim_tabs_Membership, "javascript:parent.rightMenu.displayLayer(13)", null, $enableEssMenu);
        $subs[] = new MenuItem("attachments",$lang_pim_tabs_Attachments, "javascript:parent.rightMenu.displayLayer(6)", null, $enableEssMenu);
        $subs[] = new MenuItem("custom",$lang_pim_tabs_Custom, "javascript:parent.rightMenu.displayLayer(20)", null, $enableEssMenu);
    } else if (PIM_MENU_TYPE == 'mixed') {
        $subs[] = new MenuItem("personal",$lang_pim_tabs_Personal, "javascript:parent.rightMenu.displayLayer(1)", null, $enableEssMenu);
        $subs[] = new MenuItem("employment",$lang_pim_Employment, "javascript:parent.rightMenu.displayLayer(2)", null, $enableEssMenu);
        $subs[] = new MenuItem("pimqualifications", $lang_pim_Qualifications, "javascript:parent.rightMenu.displayLayer(17)", null, $enableEssMenu);
        $subs[] = new MenuItem("pimmemberships",$lang_pim_tabs_Membership, "javascript:parent.rightMenu.displayLayer(13)", null, $enableEssMenu);
        $subs[] = new MenuItem("attachments",$lang_pim_tabs_Attachments, "javascript:parent.rightMenu.displayLayer(6)", null, $enableEssMenu);
        $subs[] = new MenuItem("custom",$lang_pim_tabs_Custom, "javascript:parent.rightMenu.displayLayer(20)", null, $enableEssMenu);
    }

    $menuItem->setSubMenuItems($subs);
    $menu[] = $menuItem;
}

/* Start bug tracker menu */
$menuItem = new MenuItem("bug", "Bug Tracker", "./index.php?menu_no_top=bug");
$menuItem->setCurrent($_GET['menu_no_top']=="bug");
$menu[] = $menuItem;

/* Start help menu */
$menuItem = new MenuItem("help", $lang_Menu_Help, '#');
$subs = array();
$subs[] = new MenuItem("help", $lang_Menu_HelpContents, "help.php", '_blank');
$subs[] = new MenuItem("support", $lang_Menu_Home_Support, "http://www.orangehrm.com/subscribe-support.shtml", '_blank');
$subs[] = new MenuItem("forum", $lang_Menu_Home_Forum, "http://www.orangehrm.com/forum/", '_blank');
$subs[] = new MenuItem("blog", $lang_Menu_Home_Blog, "http://www.orangehrm.com/blog/", '_blank');
$menuItem->setSubMenuItems($subs);
$menu[] = $menuItem;

/* End of main menu definition */

$welcomeMessage = preg_replace('/#username/', ((isset($_SESSION['fname'])) ? $_SESSION['fname'] : ''), $lang_index_WelcomeMes);

if (isset($_SESSION['ladpUser']) && $_SESSION['ladpUser'] && $_SESSION['isAdmin'] != "Yes") {
    $optionMenu = array();
} else {
    $optionMenu[] = new MenuItem("changepassword", $lang_index_ChangePassword, "./lib/controllers/CentralController.php?mtcode=CPW&capturemode=updatemode&id={$_SESSION['user']}");
}

$optionMenu[] = new MenuItem("logout", $lang_index_Logout, "./index.php?ACT=logout");

// Decide on home page

if (($_GET['menu_no_top']=="eim") && ($arrRights['view'] || $allowAdminView)) {

$uniqcode = isset($_GET['uniqcode']) ? $_GET['uniqcode'] : $defaultAdminView;

$isAdmin = isset($_GET['isAdmin']) ? ('&amp;isAdmin='.$_GET['isAdmin']) : '';

/* TODO: Remove this pageNo variable */

$pageNo = isset($_GET['pageNo'])? '&amp;pageNo=1' : '';

$home = "./lib/controllers/CentralController.php?uniqcode={$uniqcode}&amp;VIEW=MAIN{$isAdmin}{$pageNo}";

} elseif (($_GET['menu_no_top']=="hr") && $arrRights['view']) {

$reqCode = isset($_GET['reqcode']) ? $_GET['reqcode'] : 'EMP';

$home = "./lib/controllers/CentralController.php?reqcode={$reqCode}";

$home = "./lib/controllers/CentralController.php?reqcode={$reqCode}&VIEW=MAIN&sortField=0&sortOrder0=ASC";

if (isset($_GET['id'])) {

$home .= "&amp;id={$_GET['id']}&amp;capturemode=updatemode";

} else {

$home .= "&amp;VIEW=MAIN";

}

} elseif (($_GET['menu_no_top']=="ldap") && $arrRights['view']) {

$uniqcode = isset($_GET['uniqcode']) ? $_GET['uniqcode'] : '';

$home = "./lib/controllers/CentralController.php?uniqcode={$uniqcode}&amp;VIEW=MAIN";

} else if ($_GET['menu_no_top']=="bug") {

$home = "./lib/controllers/CentralController.php?mtcode=BUG&amp;capturemode=addmode";

} elseif ($_GET['menu_no_top']=="rep") {

$repcode = isset($_GET['repcode']) ? $_GET['repcode'] : 'EMPVIEW';

$home = "./lib/controllers/CentralController.php?repcode={$repcode}&amp;VIEW=MAIN";

} elseif ($_GET['menu_no_top']=="ess") {

$home = "./lib/controllers/CentralController.php?reqcode=ESS&amp;id={$_SESSION['empID']}&amp;capturemode=updatemode";

} elseif ($_GET['menu_no_top']=="leave") {

$home = $leaveHomePage;

} elseif ($_GET['menu_no_top']=="time") {

$home = $timeHomePage;

} elseif ($_GET['menu_no_top']=="benefits") {

$home = $beneftisHomePage;

} elseif ($_GET['menu_no_top']=="recruit") {

$home = $recruitHomePage;

} else {

$rightsCount = 0;

foreach ($arrAllRights as $moduleRights) {

foreach ($moduleRights as $right) {

if ($right) {

$rightsCount++;

}

}

}

if ($rightsCount === 0) {

$home = 'message.php?case=no-rights&type=notice';

} else {

$home = "";

}

}

?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml">

<head>

<title>OrangeHRM</title>

<meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>

<link href="themes/<?php echo $styleSheet;?>/css/style.css" rel="stylesheet" type="text/css"/>

<link href="favicon.ico" rel="icon" type="image/gif"/>

<script type="text/javaScript" src="scripts/archive.js"></script>

<?php

$menuObj->getCSS();

$menuObj->getJavascript($menu);

?>

</head>

<body>

<div id="companyLogoHeader"></div><div id="rightHeaderImage"></div>

<!-- <div id="menu-div" style="clear:left;"> -->

<?php $menuObj->getMenu($menu, $optionMenu, $welcomeMessage);?>

<!-- </div> -->

<div id="main-content" style="float:left;height:640px;text-align:center;padding-left:0px;">

<iframe style="display:block;margin-left:auto;margin-right:auto;width:100%;" src="<?php echo $home;?>" id="rightMenu" name="rightMenu" height="100%;" frameborder="0"></iframe>

</div>

<div id="main-footer" style="clear:both;text-align:center;height:20px;">

<a href="http://www.orangehrm.com" target="_blank">OrangeHRM</a> ver 2.5.0.3 &copy; OrangeHRM Inc. 2005 - 2009 All rights reserved.

</div>

<script type="text/javascript">

//<![CDATA[

function exploitSpace() {

dimensions = windowDimensions();

if (document.getElementById("main-content")) {

document.getElementById("main-content").style.height = (dimensions[1] - 100 - <?php echo $menuObj->getMenuHeight();?>) + 'px';

}

if (document.getElementById("main-content")) {

if (dimensions[0] < 940) {

dimensions[0] = 940;

}

document.getElementById("main-content").style.width = (dimensions[0] - <?php echo $menuObj->getMenuWidth();?>) + 'px';

}

}

exploitSpace();

window.onresize = exploitSpace;

//]]>

</script>

</body>

</html>

<?php ob_end_flush(); ?>
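
The listing above copies `$_GET` values such as `reqcode` and `id` into `$home` and echoes `$home` into the iframe `src` attribute without validation or encoding. The following is an added example, not OrangeHRM's own code, that builds the URL for the "hr" branch with an allow-list pattern, `http_build_query()` and `htmlspecialchars()`; the helper names, the 16-character code pattern and the assumption that ids are numeric are illustrative.

```php
<?php
// Added example, not OrangeHRM code. Helper names, the code pattern and
// the numeric-id rule are assumptions made for illustration.

/** Return $value if it is a short alphanumeric code, otherwise $default. */
function safeCode($value, $default)
{
    return (is_string($value) && preg_match('/^[A-Za-z0-9]{1,16}$/', $value))
        ? $value
        : $default;
}

/** Return $value if it is a string of at most 10 digits, otherwise null. */
function safeId($value)
{
    return (is_string($value) && ctype_digit($value) && strlen($value) <= 10)
        ? $value
        : null;
}

/** Build the frame URL for the "hr" branch from untrusted query parameters. */
function buildHrHome(array $query)
{
    $reqcode = isset($query['reqcode']) ? $query['reqcode'] : null;
    $params = array('reqcode' => safeCode($reqcode, 'EMP'));
    $id = safeId(isset($query['id']) ? $query['id'] : null);
    if ($id !== null) {
        $params['id'] = $id;
        $params['capturemode'] = 'updatemode';
    } else {
        $params['VIEW'] = 'MAIN';
    }
    // http_build_query() percent-encodes every value. A plain '&' separator
    // is used here because HTML escaping is applied once, at output time.
    return './lib/controllers/CentralController.php?' . http_build_query($params, '', '&');
}

/** Escape a URL for use inside a double-quoted HTML attribute. */
function attr($url)
{
    return htmlspecialchars($url, ENT_QUOTES, 'UTF-8');
}

// Constructed sample input: a valid id and a reqcode carrying markup characters.
$home = buildHrHome(array('reqcode' => 'EMP"><b>', 'id' => '42'));
echo '<iframe src="' . attr($home) . '" id="rightMenu" name="rightMenu"></iframe>', "\n";
```

The rejected `reqcode` falls back to the default instead of reaching the page, and the separator is HTML-escaped only when the attribute is written.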

TESTING
Software testing is a process of analyzing or operating software for the purpose of
finding bugs. Test activities that are associated with analyzing the products of software
development include code inspections, walkthroughs, and desk checks.

UNIT TESTING
Unit testing involves test planning, test case development and measurement of the test unit against
the requirement specifications.

Planning involves designing the schedule, determining the resources required and
determining the features to be tested. Test case development involves designing the test cases that
are to be run; the test cases are prepared so as to test the system exhaustively to find the bugs
present in the system. Measurement of the test unit against the specification involves testing the system
by giving the test cases as input and checking the system's adherence to its specification.

The following features were tested:

• Test to see if the requirements specified are taken care of.
• Test to see if all the inputs are handled effectively.
• Test the system by traversing all paths to discover any surprises.
• Check if the errors and exceptions have been handled properly.
• See if the validations of input data are all taken care of.

Test cases were designed to check the results retrieved from the database and the validation of all
user inputs. All the modules were tested thoroughly. The module interface was also tested to ensure that
information flows into and out of the program units.

INTEGRATION TESTING

This testing is performed after all individual modules are developed and ready for integration.
The objective of this testing is to build the program structure dictated by the design from unit-tested
modules.

REQUIREMENT TO BE TESTED

The following requirements will be tested:

1. Verify if valid users are identified.
2. Verify if invalid users are blocked from logging into the application.

GET REPORTGENERATION DETAILS

This service validates and fetches the account details given an account Id.

Top-down integration is an incremental approach to the construction of program structure. Modules
are integrated by moving downward through the control hierarchy, beginning with the main module.
Modules subordinate to the main module are incorporated into the structure in a depth-first manner.
In this way, interfacing between the various modules was also thoroughly tested. In this system, the
integration testing is done by checking all possible workflows of the analysis and cleaning process.

SYSTEM TESTING
System testing is a series of tests that are performed to fully exercise the computer-based system. It ensures that all the system
elements are fully integrated and that each element performs its allocated function.

PERFORMANCE TESTING
Performance testing is done to test the run-time performance of the software within the context of an integrated system. For real-time systems,
adherence to performance requirements is a must. It determines the amount of execution time spent in various units, program throughput and
response time. This system, being highly user-interactive and capable of processing large volumes of data, was expected to have a small response
time.

White Box Testing

This is a unit testing method where one unit is taken at a time and tested thoroughly at the
statement level to find the maximum possible errors. I tested every piece of code stepwise, taking care
that every statement in the code is executed at least once. White box testing is also called Glass Box
Testing. I have generated a list of test cases and sample data, which is used to check all possible
combinations of execution paths through the code at every module level.

Black Box Testing

This testing method considers a module as a single unit and checks the unit at its interface and
communication with other modules rather than getting into details at the statement level. Here the module is
treated as a black box that takes some input and generates output. Output for a given set of input
combinations is forwarded to other modules.

TEST CASES

VALIDATE LOGIN

This service validates the login credentials provided by the user.

If the login credentials are correct, it returns the UserContext to the caller.

If the login credentials are incorrect, it returns a null UserContext.

| Test no | Test case | Input data | Expected Result | Result |
|---|---|---|---|---|
| 1 | For invalid login and password | Client, 152fg | An exception with the error identifier INVALID_LOGIN_ is thrown. Validate the result with data in the database. | False |
| 2 | For expired login and password | Client 2, Purity | An exception with the error identifier INVALID_LOGIN_ is thrown. Validate the result with data in the database. | False |
| 3 | For reports between two invalid dates | 12/07/14 to 01/12/08 | An exception with the error identifier NON_ DATE is thrown | False |
| 4 | For reports between two valid dates | 02/12/07 to 07/12/08 | The report was generated from the database | True |

FUTURE ENHANCEMENT

Today, online banking services are quite varied. One of the best features of online banking is
putting the user in control. The user controls all bill paying, transfers, and investments from home.

There are other features of online banking, though. One of these is increased accessibility to your
account information. Users of online banking services can access their account information from
anywhere in the world! This is particularly helpful for businesses. Internet business banking is becoming
increasingly popular, as businesses are becoming more global in their reach. Now business people can
access their accounts, even when on overseas business trips. Business Internet banking is extremely
popular for this reason.

CONCLUSION

This section discusses the results of the work done in this project and also mentions the future scope
for improvement.

As the world becomes more of a global village run by paperless systems, the idea of a
cashless society is the hope of the future. Thus more innovations will still evolve which will make
cashless transactions easily accessible and affordable.

Future Scope of Improvement

The "Banking Online System" is a big and ambitious project. I am thankful for being provided
this great opportunity to work on it. As already mentioned, this project has gone through extensive
research work. On the basis of the research work, we have successfully designed and implemented
the Banking Online System.
