Hello everyone, I'm @xiaoqiangapi, the Chinese teacher who gives apis a "check-up". An article on , my SQL injection, XSS and prompt hijacked, API are blocked off. Let's take a different approach today - ** not attack, test 'resilience' **. Would the API crash if a sudden wave of requests came in, or if someone typed several thousand characters? I'm curious about it. The tools are still the same o
I finished an English series on the way I think ordinary people can start using AI for real work. The point is not to become an AI expert first. The point is to have one place where you can say what you want, give the tool access to the right folder, and check the result. Anything important still needs a human pause: publishing, deleting, paying, or authorizing. My preferred starting point is simp
When building modern applications, one problem shows up everywhere: How do I uniquely identify data across systems? That’s where UUIDs (Universally Unique Identifiers) come in. A UUID is a 128-bit unique identifier used to identify information in distributed systems. Example: 550e8400-e29b-41d4-a716-446655440000 It looks random - and that’s the point. Traditional IDs (like auto-increment integers
I got tired of not knowing why users were dropping off in my app. Heatmaps show you where people click. Analytics show you when they leave. But nothing tells you how they felt while using it. So I built SessionMood API — a REST API that scores user mood in real time based on behavioral events. You send behavioral events from your frontend: fetch("https://session-mood-api-production.up.railway.app/
A lot of online businesses eventually run into the same problem: traditional payment processors don’t always scale well for every type of business model. Over the past months, I’ve been exploring how modern payment infrastructure works, especially from a technical and architectural perspective. This is not a guide or a product pitch — just a breakdown of what I’ve been learning while building and
The Model Context Protocol (MCP) has become the default standard for connecting AI agents to external tools and APIs. Governed by the Linux Foundation since early 2025 and adopted by OpenAI, Anthropic, Microsoft, and Vercel, MCP is the USB-C port of the AI ecosystem — one protocol that lets any LLM application talk to any tool server. But there's a gap between reading the spec and building somethi
If you have spent any real time with Claude Code, you have probably noticed the same problem I did. You write the same instructions in the prompt every other day. "Use four-space indentation here." "Always run the linter after edits." "Format commit messages this way." After the third or fourth repeat, it stops feeling like a prompt and starts feeling like missing config. Skills are how Claude Cod
I Couldn’t Write a SQL Query Today… So I Started Learning SQL from Scratch (Day 1) A beginner’s journey into SQL, databases, and understanding how data powers real-world applications. Today, I got stuck on something that should have been simple. I had to write a SQL query to fetch specific data… And I couldn’t. I tried multiple times: Different queries Different approaches Guessing syntax