Extension:AbuseFilter/Rules format/fr

From MediaWiki.org
Jump to navigation Jump to search
This page is a translated version of the page Extension:AbuseFilter/Rules format and the translation is 2% complete.

Other languages:
English • ‎dansk • ‎español • ‎français • ‎русский • ‎मराठी • ‎中文 • ‎日本語

Les règles sont formatées en tant que conditions dans un langage C/Java/Perl.

Chaînes

Vous pouvez spécifier un littéral en le plaçant dans des guillemets simples ou doubles (pour les chaînes), ou en les tapant en tant que-est (pour les nombres, à virgule flottante et entier). Vous pouvez obtenir des sauts de trait avec \n, des caractères de tabulation avec \t, et vous pouvez également échapper au caractère de citation avec une barre oblique inverse.

Utilisez le symbole + (plus) pour concaténer deux littéral Strings ou les valeurs de deux Vars avec une valeur de chaîne.

Exemples
"Il s'agit d'une chaîne"
'C'est aussi une chaîne'
'This string shouldn\'t fail'
"This string\nHas a linebreak"
1234
1.234
-123

User-defined variables

You can define custom variables for ease of understanding with the assign symbol := in a line (closed by ;) within a condition. Such variables may use letters, underscores, and numbers (apart from the first character) and are case sensitive. Example (from w:Special:AbuseFilter/79):

(
	line1:="(\{\{(r|R)eflist|\{\{(r|R)efs|<references\s?/>|</references\s?>)";
	rcount(line1, removed_lines)
) > (
	rcount(line1, added_lines)
)

Arrays

AbuseFilter has support for non-associative arrays, which can be used like in the following examples.

my_array := [ 5, 6, 7, 10];
my_array[0] == 5
length(my_array) == 4
int( my_array ) === 4 // Same as length
float( my_array ) === 4.0 // Counts the elements
string(my_array) == "5\n6\n7\n10\n" //Note: the last linebreak could be removed in the future
5 in my_array == true
'5' in my_array == true
'5\n6' in my_array == true //Note: this is due to how arrays are casted to string, i.e. by imploding them with linebreaks
1 in my_array == true //Note: this happens because 'in' casts arguments to strings, so the 1 is caught in '10' and returns true.
my_array[] := 57 // This appends an element at the end of the array
my_array === [ 5, 6, 7, 10, 57 ]
my_array[2] := 42 // And this is for changing an element in the array
my_array === [ 5, 6, 42, 10, 57 ]


Comments

You can specify comments using the following syntax:

/* This is a comment */

Arithmetic

You can use basic arithmetic symbols to do arithmetic on variables and literals with the following syntax:

  • - — Subtract the right-hand operand from the left-hand operand.
  • + — Add the right-hand operand to the left-hand operand.
  • * — Multiply the left-hand operand by the right-hand operand.
  • / — Divide the left-hand operand by the right-hand operand.
  • ** — Raise the left-hand operand to the exponential power specified by the right-hand operand.
  • % — Return the remainder given when the left-hand operand is divided by the right-hand operand.

The type of the returned result is the same that would be returned by PHP, for which a lot of documentation may be found online. More exhaustive examples may be found in this AF parser test.

Example Result
1 + 1 2
2 * 2 4
1 / 2 0.5
9 ** 2 81
6 % 5 1

Boolean operations

You can match if and only if all of a number of conditions are true, one of a number of conditions are true, or one and only one of all conditions are true.

  • x | y — OR – returns true if one or more of the conditions is true.
  • x & y — AND – returns true if both of the conditions are true.
  • x ^ y — XOR – returns true if one, and only one of the two conditions is true.
  • !x — NOT – returns true if the condition is not true.

Examples

Code Result
1 | 1 true
1 | 0 true
0 | 0 false
1 & 1 true
1 & 0 false
0 & 0 false
1 ^ 1 false
1 ^ 0 true
0 ^ 0 false
!1 false

Simple comparisons

You can compare variables with other variables and literals with the following syntax:

  • <, > — Return true if the left-hand operand is less than/greater than the right-hand operand respectively. Watch out: operands are casted to strings and, like it happens in PHP, null < any number === true and null > any number === false.
  • <=, >= — Return true if the left-hand operand is less than or equal to/greater than or equal to the right-hand operand respectively. Watch out: operands are casted to strings and, like it happens in PHP, null <= any number === true and null >= any number === false.
  • == (or =), != — Return true if the left-hand operand is equal to/not equal to the right-hand operand respectively.
  • ===, !== — Return true if the left-hand operand is equal to/not equal to the right-hand operand AND the left-hand operand is the same/not the same data type to the right-hand operand respectively.
Example Result
1 == 2 false
1 <= 2 true
1 >= 2 false
1 != 2 true
1 < 2 true
1 > 2 false
2 = 2 true
'' == false true
'' === false false
1 == true true
1 === true false
['1','2','3'] == ['1','2','3'] true
[1,2,3] === [1,2,3] true
['1','2','3'] == [1,2,3] true
['1','2','3'] === [1,2,3] false
[1,1,''] == [true, true, false] true
[] == false & [] == null true
['1'] == '1' false[1]

Built-in variables

The abuse filter passes various variables by name into the parser. These variables can be accessed by typing their name in, in a place where a literal would work. You can view the variables associated with each request in the abuse log.

Variables from AbuseFilter

Variables always available

Attention! Attention : User-related variables are always available, except for one case: account creation when the creator is not logged in. All variables starting with user_ are affected.
Description Name Data type Notes
Action action string One of the following: edit, move, createaccount, autocreateaccount, delete, upload[2], stashupload[3]
Compteur de modifications de l'utilisateur user_editcount integer/null Null only for unregistered users.
Nom du compte de l’utilisateur user_name string
For "createaccount" action, use accountname if you want the name of the account being created.
Temps depuis la confirmation de l'adresse courriel user_emailconfirm string In the format: YYYYMMDDHHMMSS. Null if the email wasn't confirmed.
Âge du compte utilisateur user_age integer In seconds. 0 for unregistered users.
Si l'utilisateur est bloqué user_blocked boolean True for blocked registered users. Also true for edits from blocked IP addresses, even if the editor is a registered user who is not blocked. Null otherwise.
This doesn't differentiate between partial and total blocks.
Groupes (y compris les implicites) dont l'utilisateur est membre user_groups array of strings see Special:ListGroupRights
Droits de l'utilisateur user_rights array of strings see Special:ListGroupRights
Numéro de la page article_articleid integer (obsolète) Use page_id instead.
Numéro de la page (found in the page's HTML source - search for wgArticleId) page_id integer In theory this is 0 for new pages, but this is unreliable. If you need an exact result, use "page_age == 0" to identify new page creation. (note that it is slower, though.)
Espace de noms de la page article_namespace integer (obsolète) Use page_namespace instead.
Espace de noms de la page page_namespace integer refers to namespace index
Age de la page (en secondes) page_age integer the number of seconds since the first edit (or 0 for new pages). This is reliable, but it tends to be slow; consider using page_id if you don't need much precision.
Titre de la page (sans l'espace de noms) article_text string (obsolète) Use page_title instead.
Titre de la page (sans l'espace de noms) page_title string
Titre complet de la page article_prefixedtext string (obsolète) Use page_prefixedtitle instead.
Titre complet de la page page_prefixedtitle string
Modifier le niveau de protection de la page article_restrictions_edit string (obsolète) Use page_restrictions_edit instead.
Modifier le niveau de protection de la page page_restrictions_edit array of strings
Renommer le niveau de protection de la page article_restrictions_move string (obsolète) Use page_restrictions_move instead.
Renommer le niveau de protection de la page page_restrictions_move array of strings
Protection contre le téléversement article_restrictions_upload string (obsolète) Use page_restrictions_upload instead.
Protection contre le téléversement page_restrictions_upload array of strings
Protection contre la création de page article_restrictions_create string (obsolète) Use page_restrictions_create instead.
Protection contre la création de page page_restrictions_create array of strings
Les dix derniers contributeurs de la page article_recent_contributors array of strings (obsolète) Use page_recent_contributors instead.
Les dix derniers contributeurs de la page page_recent_contributors array of strings This tends to be slow (see #Performance). Try to put conditions more likely evaluate to false before this one, to avoid unnecessarily running the query. This value is empty if the user is the only contributor to the page(?), and only scans the last 100 revisions
Premier utilisateur à contribuer à cette page article_first_contributor string (obsolète) Use page_first_contributor instead.
Premier utilisateur à contribuer à cette page page_first_contributor string This tends to be slow (see #Performance).[4] Try to put conditions more likely evaluate to false before this one, to avoid unnecessarily running the query.

Variables available for some actions

Attention! Attention : Always check that the variables you want to use are available for the current action being filtered, e.g. by using the action variable. Failing to do so (for instance using accountname for an edit, or edit_delta for a deletion) will make any code using the variable in question return false.
Description Name Data type Notes
Résumé/motif de la modification summary string Summaries automatically created by MediaWiki ("New section", "Blanked the page", etc.) are created after the filter checks the edit, so they will never actually catch, even if the debugger shows that they should.[5]
Si la modification est marquée comme mineure ou pas (n'est plus utilisé) minor_edit string Disabled, and set to false for all entries between 2016 and 2018.[6]
Wikitexte de l’ancienne page, avant la modification old_wikitext string This variable can be very large. Consider using removed_lines if possible to improve performance.
Wikitexte de la nouvelle page, après la modification new_wikitext string This variable can be very large. Consider using added_lines if possible to improve performance.
Diff unifié des changements faits lors de la modification edit_diff string
Différence unifiée des modifications effectuées dans l’aperçu avant enregistrement transformé edit_diff_pst string This tends to be slow (see #Performance). Checking both added_lines and removed_lines is probably more efficient.[7]
Nouvelle taille de la page new_size integer
Ancienne taille de la page old_size integer
Différence de taille lors de la modification edit_delta integer
Lignes ajoutées dans l’aperçu avant enregistrement de la modification added_lines_pst array of strings Use added_lines if possible, which is more efficient.
Lignes ajoutées lors de la modification added_lines array of strings includes all lines in the final diff that begin with +
Lignes supprimées par la modification removed_lines array of strings
Tous les liens externes dans le nouveau texte all_links array of strings
Liens dans la page, avant la modification old_links array of strings
Tous les liens externes ajoutés dans la modification added_links array of strings This tends to be slow (see #Performance). Consider checking against added_lines first, then check added_links so that fewer edits are slowed down. This follows MediaWiki's rules for external links . Only unique links are added to the array. Changing a link will count as 1 added and 1 removed link.
Tous les liens externes retirés lors de la modification removed_links array of strings This tends to be slow (see #Performance). Consider checking against removed_lines first, then check removed_links so that fewer edits are slowed down. This follows MediaWiki's rules for external links . Only unique links are added to the array. Changing a link will count as 1 added and 1 removed link.
Texte wiki de la nouvelle page, transformé avant enregistrement new_pst string
Source HTML analysé de la nouvelle version new_html string This variable can be very large. Consider using added_lines if possible to improve performance.
Texte de la nouvelle page, nettoyé de tout balisage new_text string This variable can be very large. Consider using added_lines if possible to improve performance.
Wikitexte de l’ancienne page, analysé en HTML (n'est plus plus utilisé) old_html string Disabled for performance reasons.
Texte de l’ancienne page, dépourvu de toute mise en forme (n'est plus utilisé) old_text string Disabled for performance reasons.
Unix timestamp of change timestamp string int(timestamp) gives you a number with which you can calculate the date, time, day of week, etc.
hachage SHA1 du contenu du fichier file_sha1 string [2]
Taille du fichier en octets file_size integer The file size in bytes[2]
Largeur du fichier en pixels file_width integer The width in pixels[2]
Hauteur du fichier en pixels file_height integer The height in pixels[2]
Nombre de bits par canal de couleur dans le fichier file_bits_per_channel integer The amount of bits per color channel[2]
Numéro de la page de destination du renommage moved_to_articleid integer (obsolète) Use moved_to_id instead.
Numéro de la page de destination du renommage moved_to_id integer
Titre de la page de destination du renommage moved_to_text string (obsolète) Use moved_to_title instead.
Titre de la page de destination du renommage moved_to_title string
Titre entier de la page de destination du renommage moved_to_prefixedtext string (obsolète) Use moved_to_prefixedtitle instead.
Titre entier de la page de destination du renommage moved_to_prefixedtitle string
Espace de noms de la page de destination du renommage moved_to_namespace string
Âge de la page de destination du déplacement (en secondes) moved_to_age integer
Espace de noms de la page d'origine à renommer moved_from_namespace string
Titre de la page d'origine à renommer moved_from_text string (obsolète) Use moved_from_title instead.
Titre de la page d'origine à renommer moved_from_title string
Titre entier de la page d'origine à renommer moved_from_prefixedtext string (obsolète) Use moved_from_prefixedtitle instead.
Titre entier de la page d'origine à renommer moved_from_prefixedtitle string
Numéro de la page d'origine à renommer moved_from_articleid integer (obsolète) Use moved_from_id instead.
Numéro de la page d'origine à renommer moved_from_id integer
Âge de la page source déplacée (en secondes) moved_from_age integer
Nom du compte (lors de la création du compte) accountname string
Content model of the old revision old_content_model string See Aide:ChangeContentModel for information about content model changes
Content model of the new revision new_content_model string See Aide:ChangeContentModel for information about content model changes


Variables from other extensions

Description Name Data type Values Added by
Groupes globaux auxquels appartient l'utilisateur global_user_groups array CentralAuth
ID de la page du tableau des discussions structurées board_articleid integer (obsolète) Use board_id instead. StructuredDiscussions
ID de la page du tableau des discussions structurées board_id integer StructuredDiscussions
Espace de noms du tableau des discussions structurées board_namespace integer refers to namespace index StructuredDiscussions
Titre (sans l’espace de noms) du tableau des discussions structurées board_text string (obsolète) Use board_title instead. StructuredDiscussions
Titre (sans l’espace de noms) du tableau des discussions structurées board_title string StructuredDiscussions
Titre complet du tableau des discussions structurées board_prefixedtext string (obsolète) Use board_prefixedtitle instead. StructuredDiscussions
Titre complet du tableau des discussions structurées board_prefixedtitle string StructuredDiscussions
Texte source de l'unité de traduction translate_source_text string Translate
Si la modification a été faite via un nœud de sortie de Tor tor_exit_node boolean true if the action comes from a tor exit node. TorBlock
Si un utilisateur est ou non en cours de modification via l’interface mobile user_mobile boolean true for mobile users, false otherwise. MobileFrontend
Dans le cas où l'utilisateur modifie à partir d'une application mobile user_app boolean true if the user is editing from the mobile app, false otherwise. MobileApp
⧼abusefilter-edit-builder-vars-user-wpzero⧽ user_wpzero boolean
This variable is only valid when filtering an action. When examining a past edit or batch testing, it'll always be null.
WikimediaEvents
⧼abusefilter-edit-builder-vars-page-views⧽ article_views integer (obsolète) Use page_views instead. HitCounters
⧼abusefilter-edit-builder-vars-page-views⧽ page_views integer the amount of page views HitCounters
⧼abusefilter-edit-builder-vars-movedfrom-views⧽ moved_from_views integer the amount of page views of the source page HitCounters
⧼abusefilter-edit-builder-vars-movedto-views⧽ moved_to_views integer the amount of page views of the target page HitCounters
⧼abusefilter-edit-builder-vars-is-proxy⧽ is_proxy integer Whether this action was performed through a proxy AutoProxyBlock
⧼abusefilter-edit-builder-vars-sfs-blocked⧽ sfs_blocked boolean Whether the IP address is blocked using the stopforumspam.com list StopForumSpam


Notes

When action='move', only the summary, action, timestamp and user_* variables are available. The page_* variables are also available, but the prefix is replaced by moved_from_ and moved_to_, that represent the values of the original article name and the destination one, respectively. For example, moved_from_title and moved_to_title instead of page_title.

Since MediaWiki 1.28 (https://gerrit.wikimedia.org/r/#/c/295254/), action='upload' is only used when publishing an upload, and not for uploads to stash. A new action='stashupload' is introduced, which is used for all uploads, including uploads to stash. This behaves like action='upload' used to, and only provides file metadata variables (file_*). Variables related to the page edit, including summary, new_wikitext and several others, are now available for action='upload'. For every file upload, filters may be called with action='stashupload' (for uploads to stash), and are always called with action='upload'; they are not called with action='edit'.

Filter authors should use action='stashupload' | action='upload' in filter code when a file can be checked based only on the file contents – for example, to reject low-resolution files – and action='upload' only when the wikitext parts of the edit need to be examined too – for example, to reject files with no description. This will allow tools that separate uploading the file and publishing the file (e.g. UploadWizard or upload dialog) to inform the user of the failure before they spend the time filling in the upload details.

Performance

As noted in the table above, some of these variables can be very slow. While writing filters, remember that the condition limit is not a good metric of how heavy filters are. For instance, variables like *_recent_contributors or *_links always need a DB query to be computed, while *_pst variables will have to perform parsing of the text, which again is a heavy operation; all these variables should be used very, very carefully. For instance, on Italian Wikipedia it's been observed that, with 135 active filters and an average of 450 used conditions, filters execution time was around 500ms, with peaks reaching 15 seconds. Removing the added_links variable from a single filter, and halving the cases when another filter would use added_lines_pst brought the average execution time to 50ms. More specifically:

  • Use _links variables when you need high accuracy and checking for "http://..." in other variables (for instance, added_lines) could lead to heavy malfunctioning;
  • Use _pst variables when you're really sure that non-PST variables aren't enough. You may also conditionally decide which one to check: if, for instance, you want to examine a signature, check first if added_lines contains ~~~;
  • In general, when dealing with these variables, it's always much better to consume further conditions but avoid computing heavy stuff. In order to achieve this, always put heavy variables as last conditions.

Last but not least, note that whenever a variable is computed for a given filter, it'll be saved and any other filter will immediately retrieve it. This means that one single filter computing this variable counts more or less as dozens of filters using it.

Keywords

Where not specifically stated, keywords cast their operands to strings

The following special keywords are included for often-used functionality:

  • like (or matches) returns true if the left-hand operand matches the glob pattern in the right-hand operand.
  • in returns true if the right-hand operand (a string) contains the left-hand operand. Note: empty strings are not contained in, nor contain, any other string (not even the empty string itself).
  • contains works like in, but with the left and right-hand operands switched. Note: empty strings are not contained in, nor contain, any other string (not even the empty string itself).
  • rlike (or regex) and irlike return true if the left-hand operand matches (contains) the regex pattern in the right-hand operand (irlike is case insensitive).

The system uses PCRE. The only PCRE option enabled is PCRE_UTF8 (modifier u in PHP); for irlike both PCRE_CASELESS and PCRE_UTF8 are enabled (modifier iu).

  • if ... then ... end
  • if ... then ... else ... end
  • ... ? ... : ...
  • true, false, null

Examples

Code Result Comment
"1234" like "12?4" True
"1234" like "12*" True
"foo" in "foobar" True
"foobar" contains "foo" True
"o" in ["foo", "bar"] True Due to the string cast
"foo" regex "\w+" True
"a\b" regex "a\\\\b" True To look for the escape character backslash using regex you need to use either four backslashes or two \x5C. (Either works fine.)
"a\b" regex "a\x5C\x5Cb" True


Functions

A number of built-in functions are included to ease some common issues. They are executed in the general format functionName( arg1, arg2, arg3 ), and can be used in place of any literal or variable. Its arguments can be given as literals, variables, or even other functions.

name description
lcase Returns the argument converted to lower case.
ucase Returns the argument converted to upper case.
length Returns the length of the string given as the argument. If the argument is an array, returns its number of elements.
string Casts to string data type. If the argument is an array, implodes it with linebreaks.
int Casts to integer data type.
float Casts to floating-point data type.
bool Casts to boolean data type.
norm Equivalent to rmwhitespace(rmspecials(rmdoubles(ccnorm(arg1)))).
ccnorm Normalises confusable/similar characters in the argument, and returns a canonical form. A list of characters and their replacements can be found on git, e.g. ccnorm( "Eeèéëēĕėęě3ƐƷ" ) === "EEEEEEEEEEEEE".[8] The output of this function is always uppercase.
ccnorm_contains_any Normalises confusable/similar characters in the arguments, and returns true if the first string contains any string from the following arguments (unlimited number of arguments, logic OR mode). A list of characters and their replacements can be found on git.
ccnorm_contains_all Normalises confusable/similar characters in the arguments, and returns true if the first string contains every string from the following arguments (unlimited number of arguments, logic AND mode). A list of characters and their replacements can be found on git.
specialratio Returns the number of non-alphanumeric characters divided by the total number of characters in the argument.
rmspecials Removes any special characters in the argument, and returns the result. (Equivalent to s/[^\p{L}\p{N}]//g.)
rmdoubles Removes repeated characters in the argument, and returns the result.
rmwhitespace Removes whitespace (spaces, tabs, newlines).
count Returns the number of times the needle (first string) appears in the haystack (second string). If only one argument is given, splits it by commas and returns the number of segments.
rcount Similar to count but the needle uses a regular expression instead. Can be made case-insensitive by letting the regular expression start with "(?i)". Please note that, for simple strings, this function is roughly ten times slower than count, so use that one when possible.
get_matches MW 1.31+ Looks for matches of the regex needle (first string) in the haystack (second string). Returns an array where the 0 element is the whole match and every [n] element is the match of the n'th capturing group of the needle. Can be made case-insensitive by letting the regular expression start with "(?i)". If a capturing group didn't match, that array position will take value of false.
ip_in_range Returns true if user's IP (first string) matches the specified IP range (second string, in CIDR notation). Only works for anonymous users. Supports both IPv4 and IPv6 addresses.
contains_any Returns true if the first string contains any string from the following arguments (unlimited number of arguments in logic OR mode). If the first argument is an array, it gets casted to string.
contains_all Returns true if the first string contains every string from the following arguments (unlimited number of arguments in logic AND mode). If the first argument is an array, it gets casted to string.
equals_to_any Returns true if the first argument is identical (===) to any of the following ones (unlimited number of arguments). Basically, equals_to_any(a, b, c) is the same as a===b | a===c, but more compact and saves conditions.
substr Returns the portion of the first string, by offset from the second argument (starts at 0) and maximum length from the third argument (optional).
strlen Same as length.
strpos Returns the numeric position of the first occurrence of needle (second string) in the haystack (first string), starting from offset from the third argument (optional, default is 0). This function may return 0 when the needle is found at the begining of the haystack, so it might be misinterpreted as false value by another comparative operator. The better way is to use === or !== for testing whether it is found.
str_replace Replaces all occurrences of the search string with the replacement string. The function takes 3 arguments in the following order: text to perform the search on, text to find, replacement text.
rescape Returns the argument with some characters preceded with the escape character "\", so that the string can be used in a regular expression without those characters having a special meaning.
set Sets a variable (first string) with a given value (second argument) for further use in the filter. Another syntax: name := value.
set_var Same as set.

Examples

Code Result Comment
length( "Wikipedia" ) 9
lcase( "WikiPedia" ) wikipedia
ccnorm( "w1k1p3d14" ) WIKIPEDIA ccnorm output is always uppercase
ccnorm( "ωɨƙɩᑭƐƉ1α" ) WIKIPEDIA
ccnorm_contains_any( "w1k1p3d14", "wiKiP3D1A", "foo", "bar" ) true
ccnorm_contains_any( "w1k1p3d14", "foo", "bar", "baz" ) false
ccnorm_contains_any( "w1k1p3d14 is 4w3s0me", "bar", "baz", "some" ) true
ccnorm( "ìíîïĩїį!ľ₤ĺľḷĿ" ) IIIIIII!LLLLLL
norm( "!!ω..ɨ..ƙ..ɩ..ᑭᑭ..Ɛ.Ɖ@@1%%α!!" ) WIKIPEDAIA
norm( "F00 B@rr" ) FOBAR norm removes whitespace, special characters and duplicates, then uses ccnorm
rmdoubles( "foobybboo" ) fobybo
specialratio( "Wikipedia!" ) 0.1
count( "foo", "foofooboofoo" ) 3
count( "foo,bar,baz" ) 3
rmspecials( "FOOBAR!!1" ) FOOBAR1
rescape( "abc* (def)" ) abc\* \(def\)
str_replace( "foobarbaz", "bar", "-" ) foo-baz
ip_in_range( "127.0.10.0", "127.0.0.0/12" ) true
contains_any( "foobar", "x", "y", "f" ) true
get_matches( "(foo?ba+r) is (so+ good)", "fobaaar is soooo good to eat" ) ['fobaaar is soooo good', 'fobaaar', 'soooo good']


Order of operations

Operations are generally done left-to-right, but there is an order to which they are resolved. As soon as the filter fails one of the conditions, it will stop checking the rest of them (due to short-circuit evaluation) and move on to the next filter. The evaluation order is:

  1. Anything surrounded by parentheses (( and )) is evaluated as a single unit.
  2. Turning variables/literals into their respective data. (e.g., page_namespace to 0)
  3. Function calls (norm, lcase, etc.)
  4. Unary + and - (defining positive or negative value, e.g. -1234, +1234)
  5. Keywords (in, rlike, etc.)
  6. Boolean inversion (!x)
  7. Exponentiation (2**3 → 8)
  8. Multiplication-related (multiplication, division, modulo)
  9. Addition and subtraction (3-2 → 1)
  10. Comparisons. (<, >, ==)
  11. Boolean operations. (&, |, ^)

Examples

  • A & B | C is equivalent to (A & B) | C, not to A & (B | C). In particular, both false & true | true and false & false | true evaluates to true.
  • A | B & C is equivalent to (A | B) & C, not to A | (B & C). In particular, both true | true & false and true | false & false evaluates to false.

Condition counting

The condition limit is (more or less) tracking the number of comparison operators + number of function calls entered.

Further explanation on how to reduce conditions used can be found at Extension:AbuseFilter/Conditions .

Exclusions

Although the AbuseFilter examine function will identify "rollback" actions as edits, the AbuseFilter will not evaluate rollback actions for matching. [9]

Useful links

Notes

  1. Comparing arrays to other types will always return false, except for the example above
  2. 2.0 2.1 2.2 2.3 2.4 2.5 The only variables currently available for file uploads (action='upload') are user_*, page_*, file_sha1, file_size, file_mime, file_mediatype, file_width, file_height, file_bits_per_channel (the last five were only added since the release for MediaWiki 1.27 gerrit:281503). All the file_* variables are unavailable for other actions (including action='edit').
  3. Since MediaWiki 1.28 (https://gerrit.wikimedia.org/r/#/c/295254/)
  4. Several filters (12) that use this variable have showed up in the AbuseFilterSlow Grafana dashboard (requires logstash access to view). Moving this variable to towards the end of the filter seemed to help.
  5. See phabricator:T191722
  6. Deprecated with this commit and disabled with this one.
  7. Some filters using this variable have showed up in the AbuseFilterSlow Grafana dashboard (example, requires logstash access). For instance, instead of using "text" in edit_diff_pst (or even edit_diff), consider something like "text" in added_lines & !("text" in removed_lines)
  8. Be aware of phab:T27619. You can use Special:AbuseFilter/tools to evaluate ccnorm( "your string" ) to see which characters are transformed.
  9. T24713 - rollback not matched by AF