Academia · Heritage · 2025
Legacies of British Slavery
Migration and modernisation of a 2012 web application documenting British slave-ownership. Replaced hardcoded SQL with an ORM, added a test framework, and resolved long-standing security vulnerabilities across a dataset that receives millions of visitors a year.
Problem
The Legacies of British Slavery database was built in 2012 and had not been substantially updated since. The codebase relied on legacy custom PHP with hardcoded SQL queries throughout, leaving it exposed to SQL injection and other security vulnerabilities. The application needed to remain available throughout the work — it receives millions of visitors a year and documents one of the largest historical datasets of British slave-owners ever compiled.
Approach
A full audit of the codebase identified all raw SQL queries and insecure input handling. These were progressively replaced with an ORM layer, giving the data model a consistent and safe interface. A test framework was introduced to cover the core query logic and ensure the large number of records continued to be retrieved correctly after each change. Security fixes were applied in parallel, addressing injection risks and hardening input validation throughout.
Outcome
The application was successfully migrated to a modern, maintainable codebase without disruption to the live service. The ORM and test suite provide a foundation for future development, and the security vulnerabilities identified in the original 2012 code were fully resolved.