Ryan Hill Research Foundation

An integrated public portal and operating system for a foundation that has advanced esophageal research since 1976 — combining a fully content-managed marketing site, research-grant and fellowship application workflows, an end-to-end donation pipeline with automated tax receipting, and a campaign management system with binding electronic signatures for major-gift pledges.

50+ Years

Foundation History

May 2026

Portal Launch

13 Pages

Inline-Editable

501(c)(3)

Automated Receipts

Technology Stack

Built With

Next.js 16, TypeScript, Tailwind, Vercel, Supabase, Stripe, AWS SES, SignWell, PDFShift, Google Cloud Storage, Google Drive, Twilio Verify

Project Overview

About This Project

The platform

The portal runs on Next.js 16 with TypeScript and Tailwind, served from Vercel's edge network and backed end-to-end by Supabase (Postgres, Auth, and Storage). What makes the day-to-day experience distinctive is that every page on the public site is fully content-managed: an admin signs in once and can then click directly on any heading, paragraph, image, list row, or section banner on the live page to edit it inline — no separate CMS dashboard, no rebuild step, no markdown files. Edits land in a Supabase Storage key-value bucket, cache instantly to local storage for snappy navigation, and replicate nightly to a Google Cloud Storage archive for disaster recovery. Above and below the static layout of each of the thirteen public pages, admins can drop in additional dynamic sections — text blocks, card grids, image+text splits, highlight CTAs, button rows, focus grids, link lists, image galleries — reorder them with a click, and even move them across the "above" and "below" slots that bracket the fixed content. The same primitives drive the Board of Directors roster, the Fellow Directory, the Publication catalog (with decade-tabbed filtering and self-hosted PDFs of historic papers), the events history, and the entire 12-section mega-menu whose labels, descriptions, and preview images are all editable in place. A draggable admin toolbar floats above any page in edit mode, and a server-rendered staging banner makes it unmistakable when the editor is working on the staging branch versus production.

Transactional core

Beneath the editable surface sits a transactional core that runs the Foundation's real revenue and program operations. Visitors can apply for research grants through a six-step wizard (Applicant Info → Project Overview → Research Plan → Budget & Support → Compliance Documents → Attestations) and for the Thoracoesophageal Fellowship through a parallel flow, both built on React Hook Form with Zod schema validation, file uploads to Supabase Storage, and resume-later support; submissions land in a Postgres table that drives an admin Kanban-style pipeline review board. Donations move end-to-end through Stripe Checkout in either one-time or recurring monthly mode, hit a signature-verified webhook (fail-closed — unsigned posts are rejected before any business logic runs), and trigger a four-stage atomic pipeline: a per-session sidecar write that is immune to webhook retries, a tax-deductible receipt PDF generated server-side and stamped with the Foundation's EIN and 501(c)(3) attestation, persistence into Supabase Storage, then a multipart MIME email through AWS SES delivering the PDF as an attachment to both the donor and the admin team. For major-gift and pledge campaigns — where a single large project requires a legally binding pledge document — the platform layers in a documented e-signature pipeline that has been live in production since May 5, 2026: campaign HTML is rendered through PDFShift into a print-quality PDF, dispatched through SignWell for ESIGN/UETA-compliant binding signatures (live mode, not test), automatic reminder cadences fire via a Vercel cron job, and the executed document is archived into a Google Drive folder via domain-wide-delegation impersonation so the Executive Director sees it in her own Drive. Every state transition — sent, viewed, signed, completed, declined — flows back into the same campaign record, giving admins a live progress board across shared and individually-issued recipients without ever leaving the portal.

Security & infrastructure

VMVTech maintains the platform on a continuous cadence with a clear split between system-level hardening and editorial upkeep. Every privileged surface is gated behind HMAC-signed admin tokens with one-time-passcode verification through Twilio Verify. The Stripe webhook is signature-verified end-to-end with fail-closed defaults; webhook signing secrets are rotated on cadence and on suspicion through a routine flow that swaps the Stripe endpoint and the Vercel secret and replays any in-flight events in a single sweep. Environment variables are partitioned per Vercel deployment target so staging and production carry independently encrypted secrets; Supabase row-level security covers the user-facing tables; and a daily HMAC-protected cron mirrors the entire CMS JSON store to a 30-day-retained Supabase Storage backup bucket and into Google Cloud Storage under a separate IAM principal. Every donation pipeline step — received, pdfGenerated, pdfStored, emailed, plus their failure counterparts — is emitted as structured JSON through a central logger with PII masked, so a failed receipt or a drifted secret surfaces in Vercel runtime logs immediately instead of as a silent dead letter. Framework and dependency updates — Next.js patches, security advisories, font and licensing transitions, Supabase platform upgrades — ship through the staging branch first, where the amber environment banner makes the context unmistakable before promotion to production via a git merge.
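The fail-closed webhook check and the retry-immune per-session write described in the two sections above can be sketched as follows. This is an added example, not the platform's own code: the function names, the 300-second tolerance and the in-memory record standing in for the sidecar file are assumptions, and a production handler would normally call `stripe.webhooks.constructEvent` from Stripe's library instead of hand-rolling the check.

```typescript
import { createHmac, timingSafeEqual } from "node:crypto";

// Hypothetical names; the "t=...,v1=..." header and HMAC-SHA256 over "<t>.<raw body>" follow Stripe's scheme.
const TOLERANCE_SECONDS = 300; // assumed replay window
// Constructed sample data, not real Stripe values.
const SAMPLE_SECRET = "constructed-example-secret";
const SAMPLE_BODY = '{"type":"checkout.session.completed","data":{"object":{"id":"cs_constructed_1"}}}';

function signPayload(secret: string, timestamp: number, rawBody: string): string {
  return createHmac("sha256", secret).update(timestamp + "." + rawBody, "utf8").digest("hex");
}

// True only for a fresh timestamp plus a matching v1 signature; anything else is false (fail closed).
function verifySignature(header: string | undefined, rawBody: string, secret: string, nowSeconds: number): boolean {
  if (!header || !secret) return false;
  let timestampText = "";
  const candidates: string[] = [];
  for (const part of header.split(",")) {
    const eq = part.indexOf("=");
    if (eq < 0) continue;
    const key = part.slice(0, eq).trim();
    const value = part.slice(eq + 1).trim();
    if (key === "t") timestampText = value;
    else if (key === "v1") candidates.push(value);
  }
  if (!/^\d{1,12}$/.test(timestampText)) return false;
  const timestamp = Number(timestampText);
  if (Math.abs(nowSeconds - timestamp) > TOLERANCE_SECONDS) return false;
  const expected = Buffer.from(signPayload(secret, timestamp, rawBody), "hex");
  return candidates.some((sig) => {
    const given = Buffer.from(sig, "hex");
    return given.length === expected.length && timingSafeEqual(given, expected);
  });
}

type Outcome = "rejected" | "ignored" | "duplicate" | "processed";
// In-memory stand-in for the per-session sidecar record.
const processedSessions: Record<string, boolean> = Object.create(null);

function handleWebhook(header: string | undefined, rawBody: string, secret: string, nowSeconds: number): Outcome {
  // Unverified posts stop here, before the body is even parsed.
  if (!verifySignature(header, rawBody, secret, nowSeconds)) return "rejected";
  const event = JSON.parse(rawBody) as { type?: string; data?: { object?: { id?: string } } };
  const sessionId = event.data?.object?.id;
  if (event.type !== "checkout.session.completed" || !sessionId) return "ignored";
  if (processedSessions[sessionId]) return "duplicate"; // retry of a handled session
  processedSessions[sessionId] = true;
  return "processed"; // receipt PDF, storage and email stages would start here
}
```

The signature must be computed over the raw request bytes, so the handler has to read the body before any JSON middleware re-serializes it.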

Content & editorial workflow

Day-to-day content maintenance is built around the operating principle that anyone with admin credentials, regardless of technical background, can keep the site current without filing a developer ticket. Adding or revising a board member, a fellow's biography, a publication entry, a campaign, or an entire new page section is point-and-click on the live page. An optional AI-assisted "Review & Save" pass on rich text catches typos and tightens copy before content goes live, and an "AI Write" prompt can draft new copy from a one-line description. Image uploads run through server-side Sharp resizing into web-friendly WebP at the right dimensions for the layout, with a live "Source: WxH" badge that turns amber and prompts a re-upload if a portrait is too small to render cleanly across the board, fellow, and pipeline grids; non-destructive focal-point and crop tools mean a single source headshot reads correctly at every avatar size without re-uploading. Transactional records are reconciled and audited regularly — a built-in reconcile route consolidates per-session sidecar files into a canonical donations.json with full audit trail, orphan receipts are backfilled with explanatory notes so the books always tie back to the receipt PDFs on disk, and listing schemas use versioned IDs so structural changes to seeded data flow cleanly past previously-saved snapshots without manual database surgery.

Outcome

The combined result is a portal the Foundation runs day-to-day on its own — fundraising, grant intake, publication catalog, board changes, campaign signatures — while VMVTech handles framework upgrades, infrastructure hardening, and the periodic platform-level work in the background, with the staging environment, daily backups, and live in-page editing turning what was historically an annual website refresh into a continuous, low-friction operation.
