A complete banking system built with PHP 8.3+ (OOP) and modern frontend technologies.
- User registration and secure login
- Auto-generated 10-digit account numbers
- Request deposits/withdrawals (admin approval required)
- Instant money transfers between accounts
- Real-time transaction history
- Notification system with badges
- Rate limiting (5 failed login attempts, 15-minute lockout)
- Secure admin panel
- Dashboard with system statistics
- Approve/reject deposit and withdrawal requests
- View all users and their balances
- Monitor all system transactions
- Change admin password
- PHP 8.3+ with strict types
- Full OOP architecture (7 classes)
- Enums for type safety (TransactionType, RequestStatus, UserRole)
- Password hashing with bcrypt
- Login rate limiting and account lockout
- JSON file-based database (no MySQL required)
- RESTful API design
- Responsive design (mobile-friendly)
- Session management
mini-bank/
├── index.html # User login/register page
├── dashboard.html # User dashboard
├── admin.html # Admin control panel
├── config.php # Configuration & enums
├── Database.php # Database operations class
├── User.php # User management class
├── Account.php # Account operations class
├── Transaction.php # Transaction handling class
├── Notification.php # Notification system class
├── Admin.php # Admin operations class
├── api.php # API router
├── data.json # JSON database (not tracked)
└── README.md # This file
- PHP 8.3 or higher
- Apache web server
- XAMPP/LAMPP (recommended)
- Clone the repository:
  git clone https://github.com/AlphaDevelopmental/mini-bank.git
  cd mini-bank
- Create data.json file:
  cp data.json.example data.json
- Set permissions (Linux/Mac):
  chmod 666 data.json
- Start Apache:
  - XAMPP: Open XAMPP Control Panel → Start Apache
  - LAMPP: sudo /opt/lampp/lampp start
- Access the application:
  - User Portal: http://localhost/mini-bank/
  - Admin Panel: http://localhost/mini-bank/admin.html
Admin Login:
- Email: admin@bank.com
- Password: admin123
- Register a new account
- Log in with your credentials
- Note your auto-generated account number
- Request deposits/withdrawals (requires admin approval)
- Transfer money instantly to other account numbers
- View transaction history and notifications
- Log in to the admin panel
- View pending deposit/withdrawal requests
- Approve or reject requests
- Monitor all users and system transactions
- Change admin password in Settings tab
- Bcrypt password hashing
- Rate limiting (5 attempts, 15-min lockout)
- Session management
- Input validation
- CSRF protection ready
- XSS prevention
Edit config.php to customize:
- Database file location
- Error reporting
- CORS headers
- Session settings
Edit User.php constants to adjust rate limiting:
private const MAX_LOGIN_ATTEMPTS = 5; // Change attempts limit
private const LOCKOUT_DURATION = 900; // Change lockout time (seconds)
- POST /api.php?action=register - User registration
- POST /api.php?action=login - User/admin login
- GET /api.php?action=getAccount&userId={id} - Get account info
- POST /api.php?action=requestDeposit - Request deposit
- POST /api.php?action=requestWithdrawal - Request withdrawal
- POST /api.php?action=transfer - Transfer money
- GET /api.php?action=getTransactions&userId={id} - Get transactions
- GET /api.php?action=getNotifications&userId={id} - Get notifications
- POST /api.php?action=adminApproveRequest - Approve request (admin)
- POST /api.php?action=adminRejectRequest - Reject request (admin)
- POST /api.php?action=adminChangePassword - Change admin password
- Try to log in with the wrong password 5 times
- Account should lock for 15 minutes
- Check error logs for debug info
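One way to implement the lockout that the steps above exercise and that the MAX_LOGIN_ATTEMPTS and LOCKOUT_DURATION constants configure. This is an added example, not the project's User.php: the LoginThrottle class and the failed_attempts and locked_until fields are assumptions, and only the two constant names and values come from this README.

```php
<?php
declare(strict_types=1);

// Added example, not the project's User.php. The record fields (password,
// failed_attempts, locked_until) are assumed; the constants mirror the README.
final class LoginThrottle
{
    private const MAX_LOGIN_ATTEMPTS = 5;   // failed attempts before lockout
    private const LOCKOUT_DURATION   = 900; // lockout length in seconds (15 minutes)

    /** Returns [status, updatedUser]; status is 'ok', 'invalid' or 'locked'. */
    public static function attempt(array $user, string $password, int $now): array
    {
        // Refuse before touching the hash while the lockout window is open.
        if (($user['locked_until'] ?? 0) > $now) {
            return ['locked', $user];
        }
        if (password_verify($password, $user['password'])) {
            $user['failed_attempts'] = 0;   // success clears the counter
            $user['locked_until'] = 0;
            return ['ok', $user];
        }
        $user['failed_attempts'] = ($user['failed_attempts'] ?? 0) + 1;
        if ($user['failed_attempts'] >= self::MAX_LOGIN_ATTEMPTS) {
            $user['locked_until'] = $now + self::LOCKOUT_DURATION;
            $user['failed_attempts'] = 0;   // fresh budget once the lock expires
            return ['locked', $user];
        }
        return ['invalid', $user];
    }
}

// Constructed sample record and a fixed clock so the run is deterministic.
$user = ['password' => password_hash('correct horse', PASSWORD_BCRYPT),
         'failed_attempts' => 0, 'locked_until' => 0];
$t0 = 1_700_000_000;
for ($i = 1; $i <= 5; $i++) {
    [$status, $user] = LoginThrottle::attempt($user, 'wrong', $t0 + $i);
    echo "attempt $i: $status\n";
}
// The correct password is still refused while the lockout window is open.
[$status, $user] = LoginThrottle::attempt($user, 'correct horse', $t0 + 60);
echo "during lockout: $status\n";
// Once LOCKOUT_DURATION seconds have passed since the lock, login works again.
[$status, $user] = LoginThrottle::attempt($user, 'correct horse', $t0 + 5 + 900);
echo "after lockout: $status\n";
```

The caller has to write the returned record back to storage on every outcome, otherwise failed attempts are never counted.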
- Register as user
- Request $1000 deposit
- Log in as admin
- Approve the deposit request
- User balance should update instantly
"Undefined array key" errors:
- Run the application once; User.php auto-migrates old data
Can't log in to admin:
- Check that data.json has an admin user with the correct password hash
- Verify role is set to "admin"
- Check browser console for errors
Redirect loop on admin page:
- Clear localStorage: localStorage.clear()
- Clear browser cache
- Check admin.html access check logic
File permission errors:
- Linux/Mac: chmod 666 data.json
- Windows: Ensure write permissions
- Backend: PHP 8.3+ (OOP, Enums, Strict Types)
- Frontend: HTML5, JavaScript (ES6+), Tailwind CSS
- Database: JSON file storage
- Architecture: RESTful API, MVC-inspired
- Fork the repository
- Create a feature branch (git checkout -b feature/AmazingFeature)
- Commit your changes (git commit -m 'Add some AmazingFeature')
- Push to the branch (git push origin feature/AmazingFeature)
- Open a Pull Request
This project is open source and available under the MIT License.
This is a demonstration project for educational purposes. For production use:
- Use a proper database (MySQL, PostgreSQL)
- Implement additional security measures
- Add SSL/TLS encryption
- Use environment variables for sensitive data
- Implement proper logging and monitoring
- Add comprehensive testing
- MySQL/PostgreSQL database support
- Email notifications (PHPMailer)
- Two-factor authentication (2FA)
- Account statements (PDF generation)
- Loan management system
- Multi-currency support
- Transaction search and filters
- Export to Excel/CSV
- Dark mode
- Mobile app (React Native)
Ajani Taiwo MIcheal
- GitHub: @AlphaDevelopmental
- Tailwind CSS for styling
- PHP community for best practices
- Claude AI for development assistance