Back to the work
Web Dev Intern

Basic Banking System.

Simple login + transactions with PHP backend.

PHPMySQLHTML/CSS
Role Web Dev InternPeriod Feb 2020
§ 01The problem.

Minimal banking flow for learning + demo.

This was one of my first complete web applications, built during my internship to learn the fundamentals of full-stack development. The goal was to understand the complete request-response cycle, database interactions, and basic security considerations in a controlled learning environment. While the scope was intentionally limited (basic CRUD operations for banking transactions), the project served as a practical introduction to server-side programming, SQL databases, and user authentication - concepts I'd only known theoretically before this.

§ 02How it works.
  1. Auth, transfers, and ledger views; clean UI.

Architecture

Simple MVC-inspired structure with PHP handling both routing and business logic: - **Models**: Direct SQL queries for user authentication and transaction records - **Views**: HTML templates with embedded PHP for dynamic content rendering - **Controllers**: PHP scripts processing form submissions and coordinating database operations The database schema included basic tables for users (credentials, account balances) and transactions (sender, receiver, amount, timestamp). No complex relationships or normalization beyond what was necessary for the demo.

Authentication System

Transaction Module

Transaction History

Admin Dashboard

Data flow

1. User submits login credentials via POST request 2. PHP script queries MySQL database to verify credentials 3. On success, create session and redirect to dashboard 4. For transfers: validate inputs, check sender balance, execute dual UPDATE queries (debit sender, credit receiver) 5. Insert transaction record for audit trail 6. Reload dashboard with updated balances All database operations were synchronous with direct query execution. No ORM, prepared statements were manually implemented after learning about SQL injection.

§ 03Technical deep dive.

Key decisions and trade-offs

Choosing procedural PHP over frameworks

Wanted to understand the fundamentals before using abstractions like Laravel. This helped me appreciate what frameworks do under the hood.

Manual SQL queries instead of ORM

Needed to learn SQL syntax, table relationships, and query optimization basics. Wrote JOIN queries by hand to understand database operations.

Session-based authentication

Simplest authentication mechanism to implement. Learned about session cookies, server-side storage, and state management.

Minimal frontend styling

Focus was on backend logic. Used basic HTML/CSS to make it functional but not fancy - this was about learning server-side concepts.

§ 04Results and impact.
  • Good primer on forms, security basics, and SQL ops.
§ 05Key learnings.
  • Security fundamentals

    First real exposure to SQL injection, XSS vulnerabilities, and why input validation matters. Initially wrote vulnerable code, then learned to use prepared statements and sanitize outputs.

  • Database design basics

    Understanding primary keys, foreign keys, and why atomicity matters in financial transactions. Learned the hard way about race conditions when two transfers happened simultaneously.

  • State management

    How sessions work, cookie-based authentication, and the stateless nature of HTTP. This foundation helped later when learning about JWT tokens and modern auth patterns.

  • Form handling and validation

    Server-side validation, error messaging, and user feedback. Learned why client-side validation alone isn't enough.

  • Development workflow

    Setting up local PHP/MySQL environment (XAMPP), debugging with var_dump(), and basic version control with Git. First project where I used branches and commits meaningfully.