INTERNET BANKING WEBSITE

Developed by Md. Nafees Zakee (zakee94)

Goals of this project
 A robust and effective web based online banking system.
 Extending functionality without compromising security.

 Personal banking services that gives you complete control

over all your banking demands online.
 Simple and easy user interface to work with.

 Make a modular approach to web design so that extra

functionalities can be added in future without disturbing
other features.
Built with/Languages used
 HTML5, CSS, JavaScript & jQuery used for front-end design.
 PHP7 & MySQL used for back-end design.

 Oracle MySQL has been used to create and host the

database for the internet banking website.
 Other than the languages/tools mentioned above NO
other/external libraries and/or web-page templates have
been used, everything has been coded from ground-up
straight from scratch.
Features of the website
 Based on intuitive modern material design by Google.
 Fluid and responsive web design with cross device

compatibility.
 Cross compatibility with browsers, works on all browsers in

the same way.

 Optimized code to facilitate increased speed and fps while
displaying the web-page.
 And an Easter Egg, if you can find it !
 Associated files :
*navbar.php
(associated .css files)

Responsive Web Design

Guidelines of RWD have been followed to ensure a seamless
compatibility between different devices based on screen
size. Elements which include the guidelines are :
 Navbar : On large screens the contents of the navbar are
present in a tabbed layout, however on small screens only
one tab is visible and the rest become visible after clicking a
button on the navbar.
The navbar is sticky in nature which means that on scrolling the
page the navbar sticks to the top.
 Associated files :
*sidebar.php,
header.php
(associated .css files)

 Sidebar : On large screens the sidebar is always visible,

however on small screens the navbar becomes visible only
when an associated button (hamburger icon) is clicked on
the navbar.
 All the content of the web pages have been placed inside

flex-boxes to ensure that they dynamically adjust with

screen size.
 Certain texts are replaced by icons to save space on small

screen.
 In certain places dynamic fonts have been coded, the size
of which adjusts in accordance with the screen size.
Overview of the internet banking features :
 Registration for online banking by Admin.
 Adding beneficiary account by customer.

 Transferring amount to the beneficiary added by customer.

 Customers can check the transactions related with their

account.
 Customers can check their account statement within a
date range.
 Customers can filter their transactions based on certain

variables.
 Auto deletion of added beneficiaries on sensitive data
mismatch or/if data integrity of the beneficiary is
compromised.
 Customer can debit/credit money from/into his/her

account.
 Customer can change their password and non sensitive
details.
 Admin can add/edit/delete customer.

 Admin login page is hidden from customer for security

purpose.
 Admin can post news/notices on the main website.
 Associated files :
net_banking.sql

Features of the database

 The database contains customer & admin tables.
 Each customer has its own virtual passbook linked with

his/her account number.

 Each customer has its own beneficiary table linked with

his/her account number.

 A separate table for news and news’ body is maintained in
the database.
ER Diagram
 Associated files :
admin_login*.php,
customer_login*.php

Hierarchy of the website (associated .css files)

The website has been divided into 3 main parts :

 A core home part where the customer can view login

options, access contact information and/or read latest

news/notices.
 A core customer part where the customer can interact with
the various options available to him/her for internet banking.
 A core admin part where the admin can interact with the
various options available to him/her for managing the
customers and website.
 Associated files :
home.php,
news.php,

The core home part contact.php

(associated .css files)

It consists of 4 parts accessible via a top navigation bar :

 Home : The home page of the website, also the login page
for the customer.
 News : This page consists of news/notices posted by the
admin on the website.
 Contact : This page has contact information about the
bank.
 About : About the bank and info regarding the developers
of the website is present on this page.
 Associated files :
customer_home.php,
customer_profile*.php

The customer part (associated .css files)

This part is only accessible after the customer logs into his/her
account. It cannot be accessed in any other way.
It consists of the following core internet banking features,
most of them accessible via a side pane :
 A Customer Home page which displays information about
the customer like total balance, account number, last
transaction, etc.
 A My Profile page in which the customer can view/edit non
sensetive details/change password and/or pin, etc.
 Associated files :
customer_transactions.php
(associated .css files)

 A My Transactions page which displays all the transactions

of the customer in a tabular form. It consists of the following
features :
 Ability to sort the transactions by the transaction id or date of
the transaction in both ascending and descending order.
 Ability to filter the transactions based on a certain type of
transaction/remark.
 Ability to filter/display transactions within/from/up to a certain
date range.
 Ability to use one or more filter in conjugation with the other.
 Ability to use filter in conjugation with sort type.
 Filters being used are constantly displayed on the screen.
 Ability to remove applied filters.
 The customer can transfer funds to another customer via a
Transfer Funds page which has the following features :
 Before the customer can send funds, the customer has to add
beneficiaries to whom he/she can send the funds.
 Beneficiaries can be added via the transfer funds page. To
add a beneficiary, the customer has to fill all the valid details
as required in the add beneficiary form. Submitting invalid
information will result in rejection of the form and the
beneficiary can’t be added.
 Beneficiaries can only be added if and only if ALL the
information entered is valid.
 After a beneficiary has been successfully added it will be
displayed in the transfer funds page. Associated files :
beneficiary.php,
add_beneficiary*.php
(associated .css files)
 Associated files :
send_funds*.php
(associated .css files)

 The beneficiaries are displayed in a sequential card layout

influenced by the material design. The customer can send
funds to these beneficiaries or delete them.
 The customer can search for a particular beneficiary among
the list of his/her beneficiaries by both name and account
number.
 While transferring funds the customer has to authenticate the
transfer by his online banking password.
 If the transfer is invalid like <0 or >customers account balance
the transfer will be rejected and an appropriate message will
be given to the customer.
 An important feature is auto deletion of beneficiaries discussed
on the next slide.
 Associated files :
verify_beneficiary.php,
auto_delete_beneficiary.php,

Auto deletion of beneficiaries delete_beneficiary.php

(associated .css files)

 Every time the “transfer funds” page loads a check is made

initially to ensure that the data integrity of the beneficiaries is
intact. If not, those beneficiaries whose data integrity has
been compromised will be automatically deleted from the
list of beneficiaries and an appropriate message will be
displayed to the customer.
 Data integrity of a beneficiary will be lost if and only if the
following data of the beneficiary is changed :
email id, phone number, account number, name, and/or if the
beneficiary’s account no longer exists.
 Associated files :
atm_simulator*.php,
(associated .css files)

 A ATM Simulator page which the customer can use to

debit/credit money from his/her account :
 This feature is a “faux/display” feature only and is only used to
stimulate real world scenario in which a customer interacts with
an ATM to debit money or credit money.
 This feature is NOT applicable for real internet banking
websites.
 For simulation purposes the customer has to enter a valid ATM
pin to debit/credit money into his/her account.
 The amount entered should also be valid, invalid amounts will
result in rejection of the requests.
 Associated files :
admin_home.php,
post_news*.php

The admin part (associated .css files)

This part is accessible only after the admin logs into his/her
account via a “hidden” login page for the admin. There is no
other way to access the admin part without logging in first.
It consists of the following core admin features, most of them
accessible via a side pane :
 A Admin Home page which serves as a sort of greeting for
the customer.
 A Post News page through which the admin can post
news/notices on the home part of the website.
 Associated files :
customer_add*.php
(associated .css files)

 An Add Customer page through which the admin can

add/create a new customer in the internet baking website
database. The add customer form needs to be filled up
carefully as any wrong input/data will result in rejection of
the form and an appropriate error message will be
displayed to the admin.
 The admin holds absolute power over the customer’s details

however he/she has no power over the customer’s

transactions.
 A Manage Customers page through which the admin can
manage customers of the internet banking website. It has
the following features :
 The customers are displayed in a sequential card layout
influenced by the material design. The admin can
view/edit/update the details of these customers, view their
transactions or delete them from the database.
 The admin can search for a particular customer among the list

of all the customers by both name and account number.

Associated files :
manage_customers.php delete_customer.php,
edit_customer*.php, (associated .css files)
transactions.php
Security features of the website
 Each and every input is passed through
mysqli_real_escape_string() to remove special characters
from the string so that user can’t submit arbitrary input. It
protects from attacks like SQL Injection and Cross Site
Scripting(XSS).
 Sensitive details like password/username in a form are
passed through method=“POST” and NOT method=“GET” to
prevent leak of such data via the URL.
 Associated files :
validate_admin.php,
validate_customer.php
(associated .css files)

 Customer/Admin can only enter into their accounts after

entering their username and password via login.
 Admin login page is hidden from customer for security
purposes.
 Before any page of the customer/admin part is

displayed/loaded a check is made to ensure that the

customer/admin session is valid and active (i.e. whether the
customer/admin is logged into his/her session or not). If the
session is invalid the user is redirected to the home page
without notifying the user.
 Thus accessing customer/admin pages after logging out,
through history/using back button is impossible.
 Associated files :
session_expired.php,
(associated .css files)

 A session timeout feature is present for both the customer

and the admin which ensures that if the website remains
unused/no activity is detected by the user for >5 minutes,
the user is automatically logged out and an appropriate
message is displayed to the user informing him that his/her
session has expired.
 Care is taken to ensure that parallel/simultaneous sessions is

not possible on the same system. In case such a situation

happens, sessions active beside the current one will
automatically die.
 Admin can’t change his/her or the database’s password.
To do/Future scope
 Make a customer grievance system where customer can
interact with admin via messages to which the admins can
respond appropriately. Much like a mail system between
customer and admin.
 Increase security of/in the website and web design,
because honestly there is very little security as of now when
compared to real world websites.
 Add features/enhance already available features for

internet banking.