Overview
Full security rewrite of a legacy entitlement server serving multiple Axel Springer magazine apps — without losing the business logic underneath.
Achievement
Took ownership of a production system with critical vulnerabilities — SQL injection and passwords stored in plaintext — and rewrote it from the ground up while keeping existing subscribers and business rules intact.
Outcomes
- Identified and eliminated SQL injection vulnerabilities and cleartext password storage in the legacy codebase
- Rewrote the entire service as a secure, stable backend — preserving all existing business logic during the transition
- Integrated three distinct entitlement paths into a single cohesive service: Axel Springer SSO subscribers, Apple in-app purchase subscribers, and print magazine readers redeeming coupon codes
- Served as the shared access layer for Auto Bild, Sport Bild, and other Axel Springer titles
Technologies
PHP, MySQL