Basic Banking System.
Simple login + transactions with PHP backend.
Minimal banking flow for learning + demo.
This was one of my first complete web applications, built during my internship to learn the fundamentals of full-stack development. The goal was to understand the complete request-response cycle, database interactions, and basic security considerations in a controlled learning environment. While the scope was intentionally limited (basic CRUD operations for banking transactions), the project served as a practical introduction to server-side programming, SQL databases, and user authentication - concepts I'd only known theoretically before this.
- Auth, transfers, and ledger views; clean UI.
Architecture
Simple MVC-inspired structure with PHP handling both routing and business logic: - **Models**: Direct SQL queries for user authentication and transaction records - **Views**: HTML templates with embedded PHP for dynamic content rendering - **Controllers**: PHP scripts processing form submissions and coordinating database operations The database schema included basic tables for users (credentials, account balances) and transactions (sender, receiver, amount, timestamp). No complex relationships or normalization beyond what was necessary for the demo.
Authentication System
Transaction Module
Transaction History
Admin Dashboard
Data flow
1. User submits login credentials via POST request 2. PHP script queries MySQL database to verify credentials 3. On success, create session and redirect to dashboard 4. For transfers: validate inputs, check sender balance, execute dual UPDATE queries (debit sender, credit receiver) 5. Insert transaction record for audit trail 6. Reload dashboard with updated balances All database operations were synchronous with direct query execution. No ORM, prepared statements were manually implemented after learning about SQL injection.
Key decisions and trade-offs
Choosing procedural PHP over frameworks
Wanted to understand the fundamentals before using abstractions like Laravel. This helped me appreciate what frameworks do under the hood.
Manual SQL queries instead of ORM
Needed to learn SQL syntax, table relationships, and query optimization basics. Wrote JOIN queries by hand to understand database operations.
Session-based authentication
Simplest authentication mechanism to implement. Learned about session cookies, server-side storage, and state management.
Minimal frontend styling
Focus was on backend logic. Used basic HTML/CSS to make it functional but not fancy - this was about learning server-side concepts.
- Good primer on forms, security basics, and SQL ops.
Security fundamentals
First real exposure to SQL injection, XSS vulnerabilities, and why input validation matters. Initially wrote vulnerable code, then learned to use prepared statements and sanitize outputs.
Database design basics
Understanding primary keys, foreign keys, and why atomicity matters in financial transactions. Learned the hard way about race conditions when two transfers happened simultaneously.
State management
How sessions work, cookie-based authentication, and the stateless nature of HTTP. This foundation helped later when learning about JWT tokens and modern auth patterns.
Form handling and validation
Server-side validation, error messaging, and user feedback. Learned why client-side validation alone isn't enough.
Development workflow
Setting up local PHP/MySQL environment (XAMPP), debugging with var_dump(), and basic version control with Git. First project where I used branches and commits meaningfully.