Redevelopment of a legacy CRM system using a modern web framework : A case study
Nguyen Dinh Khanh, Chi (2026)
2026
All rights reserved. This publication is copyrighted. You may download, display and print it for Your own personal use. Commercial use is prohibited.
Julkaisun pysyvä osoite on
https://urn.fi/URN:NBN:fi:amk-202604227463
https://urn.fi/URN:NBN:fi:amk-202604227463
Tiivistelmä
The goal of this thesis was to redesign a legacy Customer Relationship Management (CRM) system for an anonymized digital services company to replace its existing CRM with a fully functional modern prototype. The company was using its custom-built CRM that was developed on the PHP 5 environment which is no longer up to date since 2018. The legacy system was plagued with close-coupled codebase and lack of a modular structure, domain renewal control with no graphical alerts, non-responsive interface and lack of security features such as no CSRF protection and no secure authentication. The thesis defines problems of legacy systems, implements the modern web development patterns to redesign and assesses the improvements.
The thesis is based on the practice-based, applied research that is organized into a single-case study. To create the theorical background, the key ideas connected with CRM systems, challenges with the legacy system, redevelopment strategies, modern web technologies, and software quality attributes are discussed first. The legacy system was analyzed next using available documentation and interface screenshots to determine its major constraints. Following this analysis and requirements provided by the client, a redesigned system architecture was proposed and developed in stages according to the principles of Agile. The qualitative data was gathered via documentation of the project, written client feedback as well as a functional comparison between the two systems. The research does not involve actual client data or enterprise-level features such as role-based access control or external API integrations due to confidentiality issues.
The system has been redeveloped on Laravel 12 and PHP 8 with a responsive Tailwind CSS interface and a framework-standard level of security that includes CSRF protection and secure session management. The result is a fully operational CRM prototype with full CRUD support of client and domain management, automated renewal tracking with color-coded expiry warnings, a centralized dashboard with an updated domain status summary, polymorphic note management in both client and domain records, and dynamic search and filter functionality. The security was managed with a self- developed authentication layer based on the framework-level protections of Laravel.
The study has shown that modern web frameworks, including Laravel, offer an efficient and practical base to substitute the outdated CRM systems in small and medium-sized enterprises. The redesigned system addresses the structural, usability and security constraints of the legacy CRM and builds a more maintainable and extensible architecture with MVC separation of concerns and an Eloquent ORM abstraction. According to informal user acceptance testing conducted with the commissioning organization, the new system was well received with high praise of the dashboard overview, automated renewal tracking, search and filtering facilities, and the general decrease in technical knowledge needed to perform routine operational tasks. It is advised that the organization continues with the complete migration to MariaDB production environment and considers role-based access control to be the next immediate step to further enhance the system security and multi-user operational processes.
The thesis is based on the practice-based, applied research that is organized into a single-case study. To create the theorical background, the key ideas connected with CRM systems, challenges with the legacy system, redevelopment strategies, modern web technologies, and software quality attributes are discussed first. The legacy system was analyzed next using available documentation and interface screenshots to determine its major constraints. Following this analysis and requirements provided by the client, a redesigned system architecture was proposed and developed in stages according to the principles of Agile. The qualitative data was gathered via documentation of the project, written client feedback as well as a functional comparison between the two systems. The research does not involve actual client data or enterprise-level features such as role-based access control or external API integrations due to confidentiality issues.
The system has been redeveloped on Laravel 12 and PHP 8 with a responsive Tailwind CSS interface and a framework-standard level of security that includes CSRF protection and secure session management. The result is a fully operational CRM prototype with full CRUD support of client and domain management, automated renewal tracking with color-coded expiry warnings, a centralized dashboard with an updated domain status summary, polymorphic note management in both client and domain records, and dynamic search and filter functionality. The security was managed with a self- developed authentication layer based on the framework-level protections of Laravel.
The study has shown that modern web frameworks, including Laravel, offer an efficient and practical base to substitute the outdated CRM systems in small and medium-sized enterprises. The redesigned system addresses the structural, usability and security constraints of the legacy CRM and builds a more maintainable and extensible architecture with MVC separation of concerns and an Eloquent ORM abstraction. According to informal user acceptance testing conducted with the commissioning organization, the new system was well received with high praise of the dashboard overview, automated renewal tracking, search and filtering facilities, and the general decrease in technical knowledge needed to perform routine operational tasks. It is advised that the organization continues with the complete migration to MariaDB production environment and considers role-based access control to be the next immediate step to further enhance the system security and multi-user operational processes.