User:松/Drafts/Extension:AbuseFilter/Rules format: Difference between revisions
User:松/Drafts/Extension:AbuseFilter/Rules format (view source)
Revision as of 13:50, 14 August 2020
, 3 years ago→Variables always available
(→Variables from other extensions: Last batch of deprecated variables from Flow) |
|||
(170 intermediate revisions by 17 users not shown) | |||
Line 1:
The rules are formatted much as conditionals in a C/Java/Perl-like language.
== Strings ==
You can specify a literal by placing it in single or double quotes (for strings), or by typing it in as-is (for numbers, both floating-point and integer).
You can get linebreaks with <code>\n</code>, tab characters with <code>\t</code>, and you can also escape the quote character with a backslash.
Use the <code>+</code> (plus) symbol to [[w:concatenation|concatenate]] two [[w:string literal|literal strings]] or the values of two [[w:Variable (computer science)|vars]] with a string value.
; Examples:
<syntaxhighlight lang="perl">
" This is a string"
' This is also a string'
' This string shouldn\'t fail'
" This string\nHas a linebreak"
1234
1.234
Line 19 ⟶ 21:
==User-defined variables==
You can define custom variables for ease of understanding with the assign symbol <code>:=</code> in a line (closed by <code>;</code>) within a condition.
Such variables may use letters, underscores, and numbers (apart from the first character) and are case-insensitive.
Example (from [[w:Special:AbuseFilter/79]]):
<syntaxhighlight lang="c">
Line 31 ⟶ 38:
==Arrays==
<!--Note: these examples are also used in https://phabricator.wikimedia.org/diffusion/EABF/browse/master/tests/parserTests/mwexamples-arrays.t -->
AbuseFilter has support for non-associative arrays, which can be used like in the following examples.
{{Caution|1=Expressions like <code>page_namespace in [14, 15]</code> may not work as expected. This one will evaluate to <samp>true</samp> also if <code>page_namespace</code> is <samp>1</samp>, <samp>4</samp>, or <samp>5</samp>. For more information and possible workarounds, please see [[:phab:T181024|T181024]].}}
<syntaxhighlight lang="c">
my_array := [ 5, 6, 7, 10];
my_array[0] == 5
length(my_array) == 4
float( my_array ) === 4.0 // Counts the elements
string(my_array) == "5\n6\n7\n10\n" // Note: the last linebreak could be removed in the future
5 in my_array == true
'5' in my_array == true
'5\n6' in my_array == true // Note: this is due to how arrays are casted to string, i.e. by imploding them with linebreaks
1 in my_array == true // Note: this happens because 'in' casts arguments to strings, so the 1 is
my_array[] := 57 // This appends an element at the end of the array
my_array === [ 5, 6, 7, 10, 57 ]
my_array[2] := 42 // And this is for changing an element in the array
my_array === [ 5, 6, 42, 10, 57 ]
</syntaxhighlight>
== Comments ==
You can specify comments using the following syntax:
/* This is a comment */
== Arithmetic ==
You can use basic arithmetic symbols to do arithmetic on variables and literals with the following syntax:
*<code>-</code> — Subtract the right-hand operand from the left-hand operand.
*<code>+</code> — Add the right-hand operand to the left-hand operand.
*<code>*</code> — Multiply the left-hand operand by the right-hand operand.
*<code>/</code> — Divide the left-hand operand by the right-hand operand.
*<code>**</code> — Raise the left-hand operand to the exponential power specified by the right-hand operand.
*<code>%</code> — Return the remainder given when the left-hand operand is divided by the right-hand operand.
The type of the returned result is the same that would be returned by PHP, for which a lot of documentation may be found [https://php.net/language.operators.arithmetic online].
More exhaustive examples may be found in [https://phabricator.wikimedia.org/diffusion/EABF/browse/master/tests/parserTests/arith.t this AF parser test].
<!--Note: these examples are also used in https://phabricator.wikimedia.org/diffusion/EABF/browse/master/tests/parserTests/mwexamples-arithmetic.t -->
{| class="wikitable"
!style="width: 50%;"|Example
!Result
|-
| <code>1 + 1</code> || 2
Line 75 ⟶ 100:
== Boolean operations ==
You can match if and only if all of a number of conditions are true, one of a number of conditions are true, or one and only one of all conditions are true.
*
*
*
*<code>!x</code> — NOT – returns true if the condition is not true.
'''Examples'''
<!--Note: these examples are also used in https://phabricator.wikimedia.org/diffusion/EABF/browse/master/tests/parserTests/mwexamples-bools.t -->
{| class="wikitable"
|-
!
!
|-
| <code>1 <nowiki>|</nowiki> 1</code>
Line 117 ⟶ 145:
| <code>!1</code>
| false
|-
| <code>!0</code>
| true
|}
{{anchor|Simple comparisons}}
== Simple comparisons ==
You can compare [[w:Variable (computer science)|variables]] with other variables and [[w:Operand|literals]] with the following [[w:syntax|syntax]]:
*
*
*<code>==</code> (or<code>=</code>), <code>!=</code> — Return true if the left-hand operand is ''equal to/not equal to'' the right-hand operand respectively.
*<code>===</code>{{int|comma-separator}}<code>!==</code> — Return true if the left-hand operand is ''equal to/not equal to'' the right-hand operand AND the left-hand operand is ''the same/not the same'' data type to the right-hand operand respectively.
<!--Note: these examples are also used in https://phabricator.wikimedia.org/diffusion/EABF/browse/master/tests/parserTests/mwexamples-comparisons.t -->
{| class="wikitable"
! style="width: 50%;"| Example
Line 178 ⟶ 214:
|}
== Built-in variables
The abuse filter passes various variables by name into the parser.These variables can be accessed by typing their name in, in a place where a literal would work.You can view the variables associated with each request in the abuse log.
===Variables from AbuseFilter===
====Variables always available====
{{Caution|1=User-related variables are always available, except for one case: account creation when the creator is not logged in.All variables starting with =<code>user_</code> are affected.}}
{| class="wikitable sortable"
! Description
! Name
! Data type
! Notes
|-
| Action || <code>action</code> || string || One of
|-
| Unix timestamp of change || <code>timestamp</code> || string || int(timestamp) gives you a number with which you can calculate the date, time, day of week, etc.
|-
| {{int
|-
| {{int
|-
| {{int
|-
| {{int
|-
| {{int
|-
| {{int
|-
| {{int|abusefilter-edit-builder-vars-user-blocked}} || <code>user_blocked</code> || boolean || True for blocked registered users.Also true for edits from blocked IP addresses, even if the editor is a registered user who is not blocked.False otherwise. {{note|1=This doesn't differentiate between partial and total blocks.}}
|-
| {{int|abusefilter-edit-builder-vars-user-groups}} || <code>user_groups</code> || array of strings || see [[Special:ListGroupRights]]
|-
|
|-
| <span style="opacity:0.5">{{int
|-
| {{
|-
| <span style="opacity:0.5">{{int
|-
| {{int
|-
|
|-
| <span style="opacity:0.5">{{int
|-
|
|-
| <span style="opacity:0.5">{{int
|-
|
|-
| <span style="opacity:0.5">{{int
|-
|
|-
| <span style="opacity:0.5">{{int
|-
|
|-
| <span style="opacity:0.5">{{int
|-
|
|-
| <span style="opacity:0.5">{{int|abusefilter-edit-builder-vars-restrictions-create}}</span> || <span style="opacity:0.5"><code>article_restrictions_create</code></span> || <span style="opacity:0.5"> string</span> || {{deprecated-inline}} Use <code>page_restrictions_create</code> instead.
|-
|
|-
| <span style="opacity:0.5">{{int|abusefilter-edit-builder-vars-recent-contributors}}</span> || <span style="opacity:0.5"><code>article_recent_contributors</code></span> || <span style="opacity:0.5">array of strings</span> || {{deprecated-inline}} Use <code>page_recent_contributors</code> instead.
|-
| {{int|abusefilter-edit-builder-vars-recent-contributors}} || <code>page_recent_contributors</code> || array of strings || This tends to be '''slow''' (see [[#Performance]]).Try to put conditions more likely evaluate to false before this one, to avoid unnecessarily running the query.This value is empty if the user is the only contributor to the page(?), and only scans the last 100 revisions
|-
| <span style="opacity:0.5">{{int|abusefilter-edit-builder-vars-first-contributor}}</span> || <span style="opacity:0.5"><code>article_first_contributor</code></span> || <span style="opacity:0.5"> string</span> || {{deprecated-inline}} Use <code>page_first_contributor</code> instead.
|-
| {{int|abusefilter-edit-builder-vars-first-contributor}} || <code>page_first_contributor</code> || string || This tends to be '''slow''' (see [[#Performance]]).<ref>Several filters ([https://logstash.wikimedia.org/app/kibana#/doc/logstash-*/logstash-2017.11.22/mediawiki?id=AV_k0nzBSUnOz-leiQ1Q 1][https://logstash.wikimedia.org/app/kibana#/doc/logstash-*/logstash-2017.11.22/mediawiki?id=AV_kvnragaOKEclNGlrc 2]) that use this variable have showed up in the [https://logstash.wikimedia.org/app/kibana#/dashboard/941a0560-b9b2-11e7-a3f7-cb9288bcae84 AbuseFilterSlow Grafana dashboard] (requires logstash access to view).Moving this variable to towards the end of the filter seemed to help.</ref> Try to put conditions more likely evaluate to false before this one, to avoid unnecessarily running the query.
|}
==== Variables available for some actions ====
{{Caution|1=Always check that the variables you want to use are available for the current action being filtered, e.g. by using the <code>action</code> variable.Failing to do so (for instance using <code>accountname</code> for an edit, or <code>edit_delta</code> for a deletion) will make any code using the variable in question return false.}}
{| class="wikitable sortable"
! Description
! Name
! Data type
! Notes
|-
| {{int
|-
| <s>{{int
|-
| {{int
|-
| {{int
|-
| {{int
|-
| {{int
|-
| {{int
|-
| {{int
|-
| {{int
|-
| {{int
|-
| {{int
|-
| {{int
|-
| {{int
|-
| {{int
|-
| {{int
|-
| {{int
|-
| {{int
|-
| {{int
|-
| {{int
|-
| <s>{{int
|-
| <s>{{int
|-
| {{int|abusefilter-edit-builder-vars-file-sha1}} || <code>file_sha1</code> || string || <ref name=upload/>
|-
| {{int
|-
| {{int
|-
| {{int
|-
| {{int
|-
|
|-
| {{int
|-
| <span style="opacity:0.5">{{int
|-
| {{int
|-
| <span style="opacity:0.5">{{int
|-
| {{int
|-
| <span style="opacity:0.5">{{int
|-
| {{int
|-
| {{int
|-
|
|-
| {{int
|-
|
|-
| {{int
|-
|
|-
| {{int
|-
| {{int
|-
| {{int
|-
| <span style="opacity:0.5">{{int|abusefilter-edit-builder-vars-movedfrom-title}}</span> || <span style="opacity:0.5"><code>moved_from_text</code></span> || <span style="opacity:0.5">string</span> || {{deprecated-inline}} Use <code>moved_from_title</code> instead.
|-
| {{int|abusefilter-edit-builder-vars-movedfrom-title}} || <code>moved_from_title</code> || string ||
|-
| <span style="opacity:0.5">{{int|abusefilter-edit-builder-vars-movedfrom-prefixedtitle}}</span> || <span style="opacity:0.5"><code>moved_from_prefixedtext</code></span> || <span style="opacity:0.5">string</span> || {{deprecated-inline}} Use <code>moved_from_prefixedtitle</code> instead.
|-
| {{int|abusefilter-edit-builder-vars-movedfrom-prefixedtitle}} || <code>moved_from_prefixedtitle</code> || string ||
|-
| <span style="opacity:0.5">{{int|abusefilter-edit-builder-vars-movedfrom-id}}</span> || <span style="opacity:0.5"><code>moved_from_articleid</code></span> || <span style="opacity:0.5">integer</span> || {{deprecated-inline}} Use <code>moved_from_id</code> instead.
|-
| {{int|abusefilter-edit-builder-vars-movedfrom-id}} || <code>moved_from_id</code> || integer ||
|-
| {{int|abusefilter-edit-builder-vars-movedfrom-age}} || <code>moved_from_age</code> || integer ||
|-
| {{int|abusefilter-edit-builder-vars-movedfrom-restrictions-edit}} || <code>moved_from_restrictions_edit</code> || array of string || Same as <code>page_restrictions_edit</code>, but for the page being moved.
|-
| {{int|abusefilter-edit-builder-vars-movedfrom-restrictions-move}} || <code>moved_from_restrictions_move</code> || array of string || Same as <code>page_restrictions_move</code>, but for the page being moved.
|-
| {{int|abusefilter-edit-builder-vars-movedfrom-restrictions-upload}} || <code>moved_from_restrictions_upload</code> || array of string || Same as <code>page_restrictions_upload</code>, but for the page being moved.
|-
| {{int|abusefilter-edit-builder-vars-movedfrom-restrictions-create}} || <code>moved_from_restrictions_create</code> || array of string || Same as <code>page_restrictions_create</code>, but for the page being moved.
|-
| {{int|abusefilter-edit-builder-vars-movedfrom-recent-contributors}} || <code>moved_from_recent_contributors</code> || array of strings || Same as <code>page_recent_contributors</code>, but for the page being moved.
|-
| {{int|abusefilter-edit-builder-vars-movedfrom-first-contributor}} || <code>moved_from_first_contributor</code> || string || Same as <code>page_first_contributor</code>, but for the page being moved.
|-
| {{int|abusefilter-edit-builder-vars-accountname}} || <code>accountname</code> || string ||
|-
| Content model of the old revision
|<code>old_content_model</code>
| string
| See
|-
| Content model of the new revision
|<code>new_content_model</code>
| string
| See
|-
|}
===Variables from other extensions===
{{Note|1=Most of these variables are always set to false when examinating past edits, and may not reflect their actual value at the time the edit was made.See [[:phab:T102944|T102944]].|2=warn}}
{| class="wikitable sortable"
|+
! Description
! Name
! Data type
! Values
! Added by
|-
| {{
|<code>global_user_groups</code>
| array
|
|
|-
| <span style="opacity:0.5">{{int
| <span style="opacity:0.5"><code>board_articleid</code></span>
| <span style="opacity:0.5">integer</span>
|
|
|-
|{{
|<code>board_id</code>
| integer
|
|
|-
|{{
|<code>board_namespace</code>
| integer
| refers to
|
|-
| <span style="opacity:0.5">{{int
| <span style="opacity:0.5"><code>board_text</code></span>
| <span style="opacity:0.5">
|
|
|-
|{{
|<code>board_title</code>
| string
|
|
|-
| <span style="opacity:0.5">{{int
| <span style="opacity:0.5"><code>board_prefixedtext</code></span>
| <span style="opacity:0.5">
|
|
|-
|{{
|<code>board_prefixedtitle</code>
| string
|
|
|-
| {{
|<code>translate_source_text</code>
| string
|
|
|-
| {{int
|<code>translate_target_language</code>
| string
| This is the language code, like <code>en</code> for English.
|{{ll|Extension:Translate|nsp=0}}
|-
| {{int|abusefilter-edit-builder-vars-tor-exit-node}}
|<code>tor_exit_node</code>
| boolean
| true if the action comes from a tor exit node.
|
|-
|{{int
| <code>user_mobile</code>
| boolean
| true for mobile users, false otherwise.
|
|-
|{{int
| <code>user_app</code>
| boolean
| true if the user is editing from the mobile app, false otherwise.
|
|-
| <span style="opacity:0.5">
| <span style="opacity:0.5"><code>article_views</code></span>
| <span style="opacity:0.5">integer</span>
|
|
|-
|
| <code>page_views</code>
| integer
| the amount of page views
|
|-
|
| <code>moved_from_views</code>
| integer
| the amount of page views of the source page
|
|-
|
| <code>moved_to_views</code>
| integer
| the amount of page views of the target page
|
|-
|
| <code>is_proxy</code>
| integer
| Whether this action was performed through a proxy
|
|-
|
| <code>sfs_blocked</code>
| boolean
| Whether the IP address is blocked using the stopforumspam.com list
|
|}
=== Notes ===
When <code>action='move'</code>,
Since MediaWiki 1.28 (
Filter authors should use <code>action='stashupload' | action='upload'</code> in filter code when a file can be checked based only on the file contents – for example, to reject low-resolution files – and <code>action='upload'</code> only when the wikitext parts of the edit need to be examined too – for example, to reject files with no description.
{{anchor|Performance}}
=== Performance ===
As noted in the table above, some of these variables can be very slow.While writing filters, remember that the condition limit is '''not''' a good metric of how heavy filters are.For instance, variables like <code>*_recent_contributors</code> or <code>*_links</code> always need a DB query to be computed, while <code>*_pst</code> variables will have to perform parsing of the text, which again is a heavy operation; all these variables should be used very, very carefully.For instance, on Italian Wikipedia it's been observed that, with 135 active filters and an average of 450 used conditions, filters execution time was around 500ms, with peaks reaching 15 seconds.Removing the <code>added_links</code> variable from a single filter, and halving the cases when another filter would use <code>added_lines_pst</code> brought the average execution time to 50ms.More specifically:
*Use <code>_links</code> variables when you need high accuracy and checking for "http://..." in other variables (for instance, <code>added_lines</code>) could lead to heavy malfunctioning;
*Use <code>_pst</code> variables when you're really sure that non-PST variables aren't enough.You may also conditionally decide which one to check: if, for instance, you want to examine a signature, check first if <code>added_lines</code> contains <code><nowiki>~~~</nowiki></code>;
*In general, when dealing with these variables, it's always much better to consume further conditions but avoid computing heavy stuff.In order to achieve this, always put heavy variables as last conditions.
Last but not least, note that whenever a variable is computed for a given filter, it'll be saved and any other filter will immediately retrieve it.This means that one single filter computing this variable counts more or less as dozens of filters using it.
== Keywords ==
{{note|1=Where not specifically stated, keywords cast their operands to strings}}
The following special keywords are included for often-used functionality:
*<code>like</code> (or <code>matches</code>) returns true if the left-hand operand matches the [[w:Glob (programming)#Syntax|glob pattern]] in the right-hand operand.
*<code>in</code> returns true if the right-hand operand (a string) contains the left-hand operand.'''Note:'''empty strings are not contained in, nor contain, any other string (not even the empty string itself).
*<code>contains</code> works like <code>in</code>, but with the left and right-hand operands switched.'''Note:'''empty strings are not contained in, nor contain, any other string (not even the empty string itself).
*<code>rlike</code> (or <code>regex</code>) and <code>irlike</code> return true if the left-hand operand matches (contains) the [[w:Regular expression|regex]] pattern in the right-hand operand (<code>irlike</code> is case '''i'''nsensitive).
The system uses [[w:Perl Compatible Regular Expressions|PCRE]].The only PCRE option enabled is <code>PCRE_UTF8</code> (modifier <code>u</code> [https://php.net/reference.pcre.pattern.modifiers in PHP]); for <code>irlike</code> both <code>PCRE_CASELESS</code> and <code>PCRE_UTF8</code> are enabled (modifier <code>iu</code>).
*<code>if ... then ... end</code>
*<code>if ... then ... else ... end</code>
*<code>... ? ... : ...</code>
*<code>true</code>,<code>false</code>,<code>null</code>
'''Examples'''
Line 521 ⟶ 628:
| <code>"a\b" regex "a\\\\b"</code>
| True
| rowspan= "2" | To look for the escape character backslash using regex you need
|-
| <code>"a\b" regex "a\x5C\x5Cb"</code>
Line 528 ⟶ 635:
== Functions ==
A number of built-in functions are included to ease some common issues.They are executed in the general format <code>functionName( arg1, arg2, arg3 )</code>, and can be used in place of any literal or variable.Its arguments can be given as literals, variables, or even other functions.
{| class="wikitable sortable"
Line 537 ⟶ 645:
| <code>ucase</code> || Returns the argument converted to upper case.
|-
| <code>length</code> || Returns the length of the string given as the argument.
|-
| <code>string</code> || Casts to string data type.
|-
| <code>int</code> || Casts to integer data type.
Line 547 ⟶ 655:
| <code>bool</code> || Casts to boolean data type.
|-
| <code>norm</code> || Equivalent to
|-
| <code>ccnorm</code> || Normalises confusable/similar characters in the argument, and returns a canonical form.
|-
| <code>ccnorm_contains_any</code> || Normalises confusable/similar characters in the arguments, and returns true if the first string contains '''any'''
|-
| <code>ccnorm_contains_all</code> || Normalises confusable/similar characters in the arguments, and returns true if the first string contains '''every'''
|-
| <code>specialratio</code> || Returns the number of non-alphanumeric characters divided by the total number of characters in the argument.
Line 563 ⟶ 671:
| <code>rmwhitespace</code> || Removes whitespace (spaces, tabs, newlines).
|-
| <code>count</code> || Returns the number of times the needle (first string) appears in the haystack (second string).
|-
| <code>rcount</code> || Similar to <code>count</code> but the needle uses a regular expression instead.
|-
| <code>get_matches</code> || {{MW version-inline|MW 1.31+}} Looks for matches of the regex needle (first string) in the haystack (second string).
|-
| <code>ip_in_range</code> || Returns true if user's IP (first string) matches the specified IP
|-
| <code>contains_any</code> || Returns true if the first string contains '''any'''
|-
| <code>contains_all</code> || Returns true if the first string contains '''every'''
|-
| <code>equals_to_any</code> || Returns true if the first argument is identical (<code>===</code>) to any of the following ones (unlimited number of arguments).
|-
| <code>substr</code> || Returns the portion of the first string, by offset from the second argument (starts at 0) and maximum length from the third argument (optional).
Line 581 ⟶ 689:
| <code>strlen</code> || Same as <code>length</code>.
|-
| <code>strpos</code> || Returns the numeric position of the first occurrence of needle (second string) in the haystack (first string), starting from offset from the third argument (optional, default is 0).
|-
| <code>str_replace</code> || Replaces all occurrences of the search string with the replacement string.
|-
| <code>rescape</code> || Returns the argument with some characters preceded with the escape character "\", so that the string can be used in a regular expression without those characters having a special meaning.
|-
| <code>set</code> || Sets a variable (first string) with a given value (second argument) for further use in the filter.
|-
| <code>set_var</code> || Same as <code>set</code>.
Line 593 ⟶ 701:
=== Examples ===
<!--Note: these examples are also used in https://phabricator.wikimedia.org/diffusion/EABF/browse/master/tests/parserTests/mwexamples-functions.t -->
{| class="wikitable"
! Code
! Result
! Comment
|-
| <code>length( "Wikipedia" )</code>
Line 609 ⟶ 718:
| <code>ccnorm( "w1k1p3d14" )</code>
| WIKIPEDIA
| <code>ccnorm</code> output is always uppercase
|-
| <code>ccnorm( "ωɨƙɩᑭƐƉ1α" )</code>
Line 637 ⟶ 746:
|<code>norm( "F00 B@rr" )</code>
|FOBAR
| <code>norm</code> removes whitespace, special characters and duplicates, then uses <code>ccnorm</code><!--
|-
| <code>convert( "zh-hant", "维基百科" )</code><br />// assume we work on a wiki with Chinese LanguageConverter class
Line 685 ⟶ 794:
== Order of operations ==
Operations are generally done left-to-right, but there is an order to which they are resolved.As soon as the filter fails one of the conditions, it will stop checking the rest of them (due to [[w:short-circuit evaluation|short-circuit evaluation]]) and move on to the next filter.The evaluation order is:
#Anything surrounded by parentheses (<code>(</code> and <code>)</code>) is evaluated as a single unit.
#Turning variables/literals into their respective data. (e.g.,<code>page_namespace</code> to 0)
#Function calls (<code>norm</code>,<code>lcase</code>, etc.)
#Unary <code>+</code> and <code>-</code> (defining positive or negative value, e.g.<code>-1234</code>, <code>+1234</code>)
#Keywords (<code>in</code>, <code>rlike</code>, etc.)
#Boolean inversion (<code>!x</code>)
#Exponentiation (<code>2**3 → 8</code>)
#Multiplication-related (multiplication, division, modulo)
#Addition and subtraction (<code>3-2 → 1</code>)
#Comparisons. (<code><</code>, <code>></code>, <code>==</code>)
#Boolean operations. (<code>&</code>, <code>|</code>, <code>^</code>)
=== Examples ===
*<code>A & B | C</code> is equivalent to <code>(A & B) | C</code>, not to <code>A & (B | C)</code>.In particular, both <code>false & true '''| true'''</code> and <code>false & false '''| true'''</code> evaluates to <code>true</code>.
*<code>A | B & C</code> is equivalent to <code>(A | B) & C</code>, not to <code>A | (B & C)</code>.In particular, both <code>true | true '''& false'''</code> and <code>true | false '''& false'''</code> evaluates to <code>false</code>.
== Condition counting ==
The condition limit is (more or less) tracking the number of comparison operators + number of function calls entered.
Further explanation on how to reduce conditions used can be found at
== Exclusions ==
Although the AbuseFilter examine function will identify "rollback" actions as edits, the AbuseFilter will not evaluate rollback actions for matching.<ref>[[phab:T24713|T24713 - rollback not matched by AF]]</ref>
== Useful links ==
* [https://php.net/reference.pcre.pattern.syntax PCRE pattern syntax]
* [[m:Edit filters benefiting to various local Wikiprojects|Edit filters benefiting to various local Wikiprojects]]
* {{ll|Extension:AbuseFilter/Conditions}}
== Notes ==
<references/>
|