CSC 455: Bank (SQLite3 Backend, JS/HTML Front end, Express Middleware)

1. ###DBControl.js
2. var DBUtilis = require('./DBUtilis');
3. // this module is to orgnaize any sql queries we have
4. module.exports = {
5. getAccounts: function(userid, res) {
6. // nested queries to get all accounts for user id, with basic constructs
7. let sql = 'select * from (select a_id from customer_accounts where c_id = "' + userid + '") as t_a_id inner join account_info on t_a_id.a_id = account_info.a_id group by account_info.a_id';
8. DBUtilis.executeQuery(sql, res);
9. },
10. addUser: function(userid, dob, phone, res) {
11. // insert query, modifies database
12. let sql = 'INSERT INTO customer_info (c_id, d_o_b, phone)VALUES(?, ?, ?)';
13. let data = [userid, dob, phone]
14. DBUtilis.executeQueryWithData(sql, data, res);
15. },
16. addAccount: function(userid, res) {
17. // insert query
18. let sql = 'INSERT INTO customer_accounts (c_id)VALUES("' + userid + '")';
19. DBUtilis.executeGetQuery(sql, res);
20. },
21. deposit: function(amount, act_id, res) {
22. // this is a transaction, modifies database
23. let sql = 'update account_info SET account_balance = account_balance + ? where a_id = ?';
24. let data = [amount, act_id]
25.  
26. let sql2 = "INSERT INTO transactions_table (a_id, transaction_amount, transaction_date, transaction_description) VALUES(?, ?,date('now'), ?)"
27. let data2 = [act_id, amount, "Desposit"]
28.  
29. DBUtilis.executeTransaction(sql,sql2, data, data2, res);
30. },
31. withdraw: function(amount, act_id, res) {
32. // this is a transaction, with 3 sql statements, modifies database
33. let sql = 'update account_info SET account_balance = account_balance - ? where a_id = ?';
34. let data = [amount, act_id]
35.  
36. let sql2 = "INSERT INTO transactions_table (a_id, transaction_amount, transaction_date, transaction_description) VALUES(?, ?,date('now'), ?)"
37. let data2 = [act_id, amount*-1, "Withdraw"]
38.  
39. let sql3 = 'select * from account_info where a_id = ? and account_balance - ? >= 0';
40. let data3 = [act_id, amount]
41.  
42. DBUtilis.executeTransactionWithCheck(sql,sql2, sql3, data, data2, data3, res);
43. },
44. transfer: function(amount, act_id1, act_id2, res) {
45. // this is a transaction, modifies database
46. let sql1 = 'update account_info SET account_balance = account_balance - ? where a_id = ?';
47. let sql2 = 'update account_info SET account_balance = account_balance + ? where a_id = ?';
48. let data1 = [amount, act_id1]
49. let data2 = [amount, act_id2]
50. let sql3 = 'select * from account_info where a_id = ? and account_balance - ? >= 0';
51. let data3 = [act_id1, amount]
52.  
53. DBUtilis.executeTransactionWithCheck(sql1, sql2, sql3, data1, data2, data3, res);
54. },
55. getTransactions: function(userid, res) {
56. // nested queries to find all transactions for a user
57. let sql = 'select * from (select a_id from customer_accounts where c_id = "' + userid + '") as t inner join transactions_table on t.a_id = transactions_table.a_id';
58. DBUtilis.executeQuery(sql, res);
59. },
60. getTotalBalance: function(userid, res) {
61. // nested queries to get total balance using Aggregate functions
62. let sql = 'select sum(account_balance) as bal from (select a_id from customer_accounts where c_id = "' + userid + '") as t inner join account_info on t.a_id = account_info.a_id';
63. DBUtilis.executeGetQuery(sql, res);
64. },
65. viewAll: function(res) {
66. // shows the use of view
67. let sql = 'select * from view_all_accounts';
68. DBUtilis.executeQuery(sql, res);
69. },
70. };
71.  
72.  
73. /*
74. this is the view
75. CREATE VIEW `view_all_accounts` AS
76. SELECT account_balance, c_id, account_info.a_id from account_info INNER JOIN customer_accounts where account_info.a_id = customer_accounts.a_id
77.  
78. this is 1 trigger
79. CREATE TRIGGER on_account_insert AFTER INSERT ON customer_accounts
80. BEGIN
81. INSERT INTO account_info (a_id, account_balance)
82. VALUES(NEW.a_id, 0);
83. END
84.  
85. this is the second trigger
86. CREATE TRIGGER on_customer_info_insert AFTER INSERT ON customer_info
87. BEGIN
88. INSERT INTO customer_accounts (c_id)
89. VALUES(NEW.c_id);
90. END
91. */
92.  
93. ##DBUtilis.js
94. const sqlite3 = require('sqlite3').verbose();
95. let db = new sqlite3.Database('./bankBackend.db', (err) => {
96. //let db = new sqlite3.Database('./test.db', (err) => {
97. if (err) {
98. return console.error(err.message);
99. }
100. console.log('Connected to the in-memory SQlite database.');
101. });
102.  
103. module.exports = {
104. executeQuery: function(sql, res) {
105. db.all(sql, [], (err, rows) => {
106. if (err) {
107. throw err;
108. }
109. rows.forEach((row) => {
110. //console.log(row); // right now it just prints out the query, but we should have it return and then handle it on the server
111. });
112. res.send(rows)
113. });
114. },
115. executeGetQuery: function(sql, res) {
116. db.get(sql, [], (err, row) => {
117. if (err) {
118. return console.error(err.message);
119. }
120. res.send(row)
121. });
122. },
123. executeQueryWithData: function(sql, data, res) {
124. db.get(sql, data, (err, row) => {
125. if (err) {
126. res.send(err.message);
127. return console.error(err.message);
128. }
129. res.send(row)
130. });
131. },
132. executeTransaction: function(sql, sql2, data1, data2, res) {
133. db.serialize(function() {
134. db.run("BEGIN");
135. db.run(sql, data1, (err, row) => {
136. if (err) {
137. console.log(err.message);
138. res.send("Transaction has been cancelled")
139. } else {
140. db.run(sql2, data2, (err, row) => {
141. if (err) {
142. console.log(err);
143. db.rollback;
144. res.send("Transaction has been cancelled");
145. } else {
146. console.log('Transaction is done')
147. db.run('commit');
148. res.send("Transaction succeed");
149. }
150. });
151. }
152.  
153. });
154.  
155. });
156. },
157. executeTransactionWithCheck: function(sql, sql2, sql3, data1, data2, data3, res) {
158. db.serialize(function() {
159. db.run("BEGIN");
160. db.all(sql3, data3, (err, rows) => {
161. if (err) {
162. console.log(err.message)
163. return res.send(err.message);
164. } else {
165. if (rows.length > 0) { // checks to make sure there was a row with that a_id
166. db.run(sql, data1, (err, row) => {
167. if (err) {
168. console.log(err.message);
169. return res.send("Transaction has been cancelled")
170. } else {
171. db.run(sql2, data2, (err, row) => {
172. if (err) {
173. console.log(err);
174. db.rollback;
175. return res.send("Transaction has been cancelled");
176. } else {
177. console.log('Transaction is done')
178. db.run('commit');
179. return res.send("Transaction succeed");
180. }
181. });
182. }
183.  
184. });
185. } else {
186. db.run('commit');
187. return res.send("check failed"); // if the user account doesn't exist then send back that it doesn't
188. }
189. }
190. });
191. });
192. }
193. };
194.  
195. ###Server.js
196.  
197. // Modules
198. var express = require('express');
199. var path = require('path');
200. var app = express();
201. const DBControl = require('./DBControl');
202. const bodyParser = require('body-parser');
203. const Utils = require('./Utilities');
204.  
205. // Settings
206. const port = 3000
207. var userID = 0
208. // random stuff that helps the server accept methods from client
209. app.use(express.static('public'));
210. app.use(bodyParser.urlencoded({ extended: false }));
211. app.use(function (req, res, next) {
212. res.setHeader('Access-Control-Allow-Origin', '*');
213. res.setHeader('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE');
214. res.setHeader('Access-Control-Allow-Headers', 'Content-Type');
215. res.setHeader('Access-Control-Allow-Credentials', true);
216. next();
217. });
218.  
219. //app.get listens to get requests, which is like when you go to google.com you do a get request for their page
220. //so this listens to get requests to localhost:8000 and will execute this function if someone goes there
221. // this is what executes when you go to localhost:3000, just defaults to the html file
222.  
223. // screen managers
224. app.get('/', function(req, res){
225. var options = {
226. root: path.join(__dirname)
227. };
228. var fileName = 'index.html'; // this is the default page
229. res.sendFile(fileName, options, function (err) {
230. if (err) {
231. next(err);
232. } else {
233. console.log('File: ', fileName, ' has been sent');
234. }
235. });
236. });
237.  
238.  
239.  
240. // get/post requests
241.  
242. app.post('/deposit', function (req, res) {
243. const body = req.body; // this is the parameters sent from client
244. console.log("Deposit request... Amount: "+body.amount+", Account Number: "+body.act_num)
245. if (!Utils.isNumber(req.body.amount)) {
246. res.send("Please enter a number"); // this is what we send back to the client once we're done
247. return;
248. }
249. DBControl.deposit(body.amount, body.act_num, res)
250. const amount = +body.amount
251. });
252.  
253. app.post('/withdraw', function (req, res) {
254. const body = req.body; // this is the parameters sent from client
255. console.log("Withdraw request... Amount: "+body.amount+", Account Number: "+body.act_num)
256. if (!Utils.isNumber(req.body.amount)) {
257. res.send("Please enter a number"); // this is what we send back to the client once we're done
258. return;
259. }
260. DBControl.withdraw(body.amount, body.act_num, res)
261. const amount = +body.amount
262. });
263.  
264. app.post('/transfer', function (req, res) {
265. console.log("Transfer request")
266. const body = req.body; // this is the parameters sent from client
267. const userid = Utils.getUserID(body.userid)
268. const act1 = body.act1
269. const act2 = body.act2
270. const amount = body.amount
271. DBControl.transfer(amount, act1, act2, res)
272. });
273.  
274. app.post('/addaccount', async function (req, res) {
275. console.log("Request to add account")
276. const body = req.body;
277. const userid = Utils.getUserID(body.userid)
278. DBControl.addAccount(userid, res)
279. });
280.  
281. app.post('/adduser', async function (req, res) {
282. console.log("Request to add user")
283. const body = req.body;
284. const userid = Utils.getUserID(body.userid)
285. const dob = body.dob
286. const phone = body.phone
287. DBControl.addUser(userid, dob, phone, res)
288. //res.send('done')
289. });
290.  
291. app.post('/getAccounts', async function (req, res) {
292.  
293. const body = req.body; // this is the parameters sent from client
294. const userid = Utils.getUserID(body.userid)
295. console.log("Request to get accounts of user ID: "+userid)
296. DBControl.getAccounts(userid, res)
297. });
298.  
299. app.post('/getTransactions', async function (req, res) {
300.  
301. const body = req.body; // this is the parameters sent from client
302. const userid = Utils.getUserID(body.userid)
303. console.log("Request to get transactions of user ID: "+userid)
304. DBControl.getTransactions(userid, res)
305. });
306.  
307. app.post('/totalBalance', async function (req, res) {
308.  
309. const body = req.body; // this is the parameters sent from client
310. const userid = Utils.getUserID(body.userid)
311. console.log("Request to get total balance of: "+userid)
312. DBControl.getTotalBalance(userid, res)
313. });
314.  
315. app.post('/viewAll', async function (req, res) {
316. console.log("Request to view all")
317. const body = req.body; // this is the parameters sent from client
318. DBControl.viewAll(res)
319. });
320.  
321. var server = app.listen(port, function () { // starts the server on the localhost/port
322. var host = server.address().address
323. var port = server.address().port
324.  
325. console.log("Citzen United Bank listening at http://%s:%s", host, port)
326. })
327.  
328.  
329. ##Utitlies.js
330. module.exports = {
331. isNumber: function (str) {
332. if (typeof str != "string") return false // we only process strings!
333. return !isNaN(str) && // use type coercion to parse the _entirety_ of the string (`parseFloat` alone does not do this)...
334. !isNaN(parseFloat(str)) // ...and ensure strings of whitespace fail
335. },
336.  
337. getUserID: function (str) {
338. if (typeof str != "string") return false // we only process strings!
339. return str.trim().split("User")[1]
340. }
341. };
342.  
343.  
344. ##Index.html
345.  
346. <!DOCTYPE html>
347. <html lang="en">
348. <head><!DOCTYPE html>
349.  
350. <head>
351. <title>Project</title>
352. <style>
353. body {
354. background-color: rgb(236, 152, 42);
355.  
356. }
357.  
358. .center {
359. color: white;
360. font-family: "Trebuchet MS", Helvetica, sans-serif;
361. text-align: center;
362. }
363. .card {
364. border: 2px white solid;
365. padding-bottom: 4px;
366. padding-top: 4px;
367. justify-content: "space-between";
368. align-items: 'center';
369. }
370. .transfer_card {
371. border: 2px white solid;
372. padding-bottom: 4px;
373. margin-bottom: 30px;
374. padding-top: 4px;
375. justify-content: "space-between";
376. align-items: 'center';
377. }
378. h1 {
379. font-size: 144px;
380. }
381.  
382. p {
383. font-size: 64px;
384. }
385. h2 {
386.  
387. width: 500px;
388. padding: 25px;
389. }
390. .dirrow {
391. display: flex;
392. flex-direction: row;
393. align-items: center;
394. justify-content: center;
395. background-color: rgb(255, 128, 0);
396. }
397. </style>
398. <script src="http://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js"></script>
399. <script>
400. function openForm() { // removes everything but registeration buttons
401. document.getElementById("registerForm").style.display = "block";
402. document.getElementById("loginstuff").style.display = "none";
403. document.getElementById("transactionstuff").style.display = "none";
404. document.getElementById("registerstuff").style.display = "none";
405. }
406.  
407. function closeForm() { // removes registration buttons and adds everything back
408. document.getElementById("registerForm").style.display = "none";
409. document.getElementById("loginstuff").style.display = "block";
410. document.getElementById("transactionstuff").style.display = "block";
411. document.getElementById("registerstuff").style.display = "block";
412. }
413. function viewShow() { //
414. document.getElementById("viewTable").style.display = "block";
415. document.getElementById("dirrow").style.display = "none";
416. $.post("http://localhost:3000/viewAll",{userid: null}, function(data){ // post server for all the accounts of the user
417. let table = document.getElementById("viewTable");
418. table.innerHTML = '';
419. for (var i = 0; i < data.length; i++) {
420. let card = document.createElement("div")
421. let user = document.createElement('p1')
422. let accountName = document.createElement('p1')
423. let balance = document.createElement('p1')
424. accountName.innerHTML = "Account Number: "+data[i].a_id
425. balance.innerHTML = " Balance: "+data[i].account_balance
426. user.innerHTML = " User ID: "+data[i].c_id
427. card.classList.add('card')
428. card.appendChild(accountName)
429. card.appendChild(balance)
430. card.appendChild(user)
431. table.appendChild(card)
432. }
433. });
434. }
435.  
436. function viewClose() { //
437. document.getElementById("viewTable").style.display = "none";
438. document.getElementById("dirrow").style.display = "flex";
439. }
440. function updateAccounts() { // it gets the accounts and then populates a table in the html with components
441. userid=document.getElementById("bankUser").innerHTML;
442. $.post("http://localhost:3000/getAccounts",{userid: userid}, function(data){ // post server for all the accounts of the user
443. //document.getElementById("bankBalance").innerHTML = data;
444. let table = document.getElementById("table");
445. table.innerHTML = '';
446. for (var i = 0; i < data.length; i++) {
447.  
448. let card = document.createElement("div")
449. let accountName = document.createElement('p1')
450. let balance = document.createElement('p1')
451.  
452. accountName.innerHTML = "Account Number: "+data[i].a_id
453. balance.innerHTML = " Balance: "+data[i].account_balance
454. card.classList.add('card')
455. card.appendChild(accountName)
456. card.appendChild(balance)
457. table.appendChild(card)
458. let input = document.createElement('input')
459. input.type = "Text";
460. input.size = 40;
461. input.value = "0";
462. input.id = data[i].a_id
463. let input1 = document.createElement('input')
464. input1.type = "Button";
465. input1.size = 40;
466. input1.value = "Withdraw";
467. input1.id = data[i].a_id
468. let input2 = document.createElement('input')
469. input2.type = "Button";
470. input2.size = 40;
471. input2.value = "Deposit";
472. input2.id = data[i].a_id
473. card.appendChild(input)
474. card.appendChild(input1)
475. card.appendChild(input2)
476. input2.addEventListener("click", function() { // add event listeners to each withdraw/ deposit button so they can communicate with server
477. // this is when they click deposit
478. let act_num = input2.id
479. let amount = input2.parentNode.childNodes[2].value
480. $.post("http://localhost:3000/deposit",{amount: amount, act_num: act_num}, function(data){ // this is when we send the POST request to the server
481. updatePage()
482. });
483. });
484. input1.addEventListener("click", function() {
485. // this is when they click withdraw
486. let act_num = input1.id
487. let amount = input1.parentNode.childNodes[2].value
488. $.post("http://localhost:3000/withdraw",{amount: amount, act_num: act_num}, function(data){ // this is when we send the POST request to the server
489. if (data.includes('check failed')) {
490. document.getElementById("mainerror").innerHTML = "Account: "+act_num+ " does not have enough money to withdraw";
491. } else {
492. updatePage()
493. }
494. });
495. });
496. }
497. });
498. }
499. function updateTransactions() { // gets all the transactions of a user and populates html with it
500. userid=document.getElementById("bankUser").innerHTML;
501. $.post("http://localhost:3000/getTransactions",{userid: userid}, function(data){ // post request for transactions
502. let table = document.getElementById("table1");
503. table.innerHTML = '';
504. for (var i = 0; i < data.length; i++) {
505.  
506. let card = document.createElement("div")
507. let accountName = document.createElement('p1')
508. let Date = document.createElement('p1')
509. let Amount = document.createElement('p1')
510. let Desc = document.createElement('p1')
511.  
512. accountName.innerHTML = "Account Number: "+data[i].a_id
513. Date.innerHTML = " Date: "+data[i].transaction_date
514. Amount.innerHTML = " Amount: "+data[i].transaction_amount
515. Desc.innerHTML = " Description: "+data[i].transaction_description
516. card.classList.add('card')
517. card.appendChild(accountName)
518. card.appendChild(Date)
519. card.appendChild(Amount)
520. card.appendChild(Desc)
521. table.appendChild(card)
522. }
523. });
524. }
525. function updateBalance() {
526. userid=document.getElementById("bankUser").innerHTML; // we take the input from the text button
527. $.post("http://localhost:3000/totalBalance",{userid: userid}, function(data){ // this is when we send the POST request to the server
528. document.getElementById("totalBalance").innerHTML = "Total Balance: "+data.bal;
529. });
530. }
531. function updatePage() {
532. document.getElementById("mainerror").innerHTML = ""
533. updateAccounts()
534. updateTransactions()
535. updateBalance()
536. }
537. </script>
538. <script>
539. $(document).ready(function(){ // handles creating new accounts for a user
540. var userid;
541. $("#newAccount").click(function(){
542. userid=document.getElementById("bankUser").innerHTML;
543. $.post("http://localhost:3000/addaccount",{userid: userid}, function(data){ // this is when we send the POST request to the server
544. updatePage()
545. });
546. });
547. });
548. </script>
549. <script>
550. $(document).ready(function(){ // this opens register form
551. $("#openRegisterForm").click(function(){
552. openForm()
553. });
554. });
555. </script>
556. <script>
557. $(document).ready(function(){
558. var userid;
559. $("#registerCustomer").click(function(){ // this handles registering users
560. userid=$("#registerUsername").val();
561. dob=$("#registerDate").val();
562. phone=$("#registerPhone").val();
563. $.post("http://localhost:3000/adduser",{userid: userid, dob: dob, phone: phone}, function(data){ // this is when we send the POST request to the server
564. if (data.includes('constraint')) { // if user already exists
565. return document.getElementById("error").innerHTML = "User already exists";
566. }
567. if (data.includes('datatype')) {
568. return document.getElementById("error").innerHTML = "Name must be User followed by numbers, example : User12";
569. }
570. document.getElementById("bankUser").innerHTML = userid;
571. updatePage()
572. closeForm()
573.  
574. });
575. });
576. });
577. </script>
578. <script>
579. $(document).ready(function(){ // this handles transfer events
580. var userid;
581. $("#transferSubmit").click(function(){
582. userid=document.getElementById("bankUser").innerHTML;
583. act1=$("#transferACT1").val();
584. act2=$("#transferACT2").val();
585. amount=$("#transferAmount").val();
586. $.post("http://localhost:3000/transfer",{userid: userid, act1: act1, act2: act2, amount: amount}, function(data){ // this is when we send the POST request to the server
587. if (data.includes('check failed')) {
588. document.getElementById("mainerror").innerHTML = "Account: "+act1+ " does not exist or does not have enough to do the transfer";
589. } else {
590. document.getElementById("mainerror").innerHTML = ""
591. updatePage()
592. }
593. });
594. });
595. });
596. </script>
597. <script>
598. $(document).ready(function(){
599. var userid;
600. $("#loginSubmit").click(function(){ // changes the userid of the html
601. userid=$("#loginText").val();
602. document.getElementById("bankUser").innerHTML = userid;
603. updatePage()
604. });
605. });
606. </script>
607. <script>
608. $(document).ready(function(){
609. var userid;
610. $("#viewShow").click(function(){ // manages the view button
611. viewShow()
612. });
613. });
614. </script>
615. <script>
616. $(document).ready(function(){
617. var userid;
618. $("#viewClose").click(function(){ // manages the view button
619. viewClose()
620. closeForm()
621. });
622. });
623. </script>
624. <script>
625. $(document).ready(function(){ // closes the registeration page and updates the html on first load
626. document.getElementById("registerForm").style.display = "none";
627. updatePage()
628. });
629. </script>
630. </head>
631.  
632. <body>
633. <div class="center">
634. <div class="form-popup" id="myForm">
635. </div>
636. <h1>Citizens United Bank!</h1>
637. <p>Welcome!</p>
638. <p id=bankUser>User1</p>
639. <p id='mainerror'></p>
640. <div id='dirrow' class="dirrow">
641. <h2 id='registerstuff'>
642. <div class ='transfer_card'>
643. <input type="TEXT" id="transferACT1" size = '10' value="AccountID1">
644. <input type="TEXT" id="transferACT2" size = '10'value="AccountID2">
645. <input type="TEXT" id="transferAmount" size = '10'value="Amount">
646. <input type="Button" id="transferSubmit" value="Transfer Money">
647. </div>
648.  
649. <input type="button" id="newAccount" value="Create New Account">
650.  
651. <ul id ="table">
652.  
653.  
654. </ul>
655. </h2>
656. <h2 id='loginstuff'>
657. <p id='totalBalance'>Total Balance: </p>
658.  
659. <p2> Login to different accout: </p2>
660. <input type="TEXT" id="loginText" size="40" value="User1"><br>
661. <input type="button" id="loginSubmit" value="Login">
662. <input type="button" id="openRegisterForm" value="Register New User">
663. </h2>
664. <h2 id='transactionstuff'>
665. <p> Transactions </p>
666. <ul id ="table1">
667.  
668.  
669. </ul>
670. </h2>
671. <h2 class= 'register' id='registerForm'>
672. <ul>
673. <p id='error'></p>
674. <input type="TEXT" id="registerUsername" size="40" value="User1"><br>
675. <input type="date" id="registerDate" size="40" value="2018-07-22"><br>
676. <input type="tel" id="registerPhone" size="40" value="999-9999-9999"><br>
677. <input type="button" id="registerCustomer" value="Register">
678. </ul>
679. </h2>
680. </div>
681. <ul id ="viewTable">
682.  
683.  
684. </ul>
685. <input type="button" id="viewClose" value="go back">
686. <input type="button" id="viewShow" value="show all accounts">
687. </div>
688. </body>
689.  
690. </html>
691.  
692.