확장기능:편집 필터/규칙 형식

This page is a translated version of the page Extension:AbuseFilter/Rules format and the translation is 27% complete.

규칙은 자체적인 언어입니다. C/Java/Perl과 같은 언어의 조건부 형식처럼 구성되어 있습니다.

문자열

You can specify a literal by placing it in single or double quotes (for strings), or by typing it in as-is (for numbers, both floating-point and integer). You can get linebreaks with \n, tab characters with \t, and you can also escape the quote character with a backslash.

문자열 둘이나 문자열을 가리키는 둘을 위해서는 + (더하기) 기호를 쓰십시오.

예시
"이것은 문자열입니다"
'이것도 문자열입니다'
'\'이\' 문자열도 문제가 발생하지 않습니다'
"이 문자열은\n
줄바꿈 문자를 포함합니다"
1234
1.234
-123

사용자 정의 변수

You can define custom variables for ease of understanding with the assign symbol := in a line (closed by ;) within a condition. Such variables may use letters, underscores, and numbers (apart from the first character) and are case-insensitive. Example (from w:Special:AbuseFilter/79):

(
	line1:="(\{\{(r|R)eflist|\{\{(r|R)efs|<references\s?/>|</references\s?>)";
	rcount(line1, removed_lines)
) > (
	rcount(line1, added_lines)
)

배열

AbuseFilter has support for non-associative arrays, which can be used like in the following examples.

  경고: Expressions like page_namespace in [14, 15] may not work as expected. This one will evaluate to true also if page_namespace is 1, 4, or 5. For more information and possible workarounds, please see T181024.
my_array := [ 5, 6, 7, 10 ];
my_array[0] == 5
length(my_array) == 4
int( my_array ) === 4 // Same as length
float( my_array ) === 4.0 // Counts the elements
string(my_array) == "5\n6\n7\n10\n" // Note: the last linebreak could be removed in the future
5 in my_array == true
'5' in my_array == true
'5\n6' in my_array == true // Note: this is due to how arrays are casted to string, i.e. by imploding them with linebreaks
1 in my_array == true // Note: this happens because 'in' casts arguments to strings, so the 1 is caught in '10' and returns true.
my_array[] := 57; // This appends an element at the end of the array
my_array === [ 5, 6, 7, 10, 57 ]
my_array[2] := 42; // And this is for changing an element in the array
my_array === [ 5, 6, 42, 10, 57 ]

주석

다음 구문을 이용하여 주석 처리 할 수 있습니다:

/* 이것은 주석입니다 */

산술

You can use basic arithmetic symbols to do arithmetic on variables and literals with the following syntax:

  • - – 왼쪽의 피연산자에서 오른쪽의 피연산자를 빼기.
  • + – 왼쪽의 피연산자와 오른쪽의 피연산자를 더하기.
  • * – 왼쪽의 피연산자와 오른쪽의 피연산자를 곱하기.
  • / – 왼쪽의 피연산자에서 오른쪽의 피연산자를 나누기.
  • **Raise the left-hand operand to the exponential power specified by the right-hand operand.
  • %Return the remainder given when the left-hand operand is divided by the right-hand operand.

The type of the returned result is the same that would be returned by PHP, for which a lot of documentation may be found online. More exhaustive examples may be found in this AF parser test.

예시 결과
1 + 1 2
2 * 2 4
1 / 2 0.5
9 ** 2 81
6 % 5 1

Boolean operations

You can match if and only if all of a number of conditions are true, one of a number of conditions are true, or one and only one of all conditions are true.

  • x | y — OR – 적어도 하나 이상의 조건을 만족하는 경우 참(true)을 반환합니다.
  • x & y — AND – 두 조건을 모두 만족하는 경우 참(true)을 반환합니다.
  • x ^ y — XOR – 두개의 조건 중 하나만의 조건을 만족하는 경우 참(true)을 반환합니다.
  • !x — NOT – 조건이 거짓인 경우 참(true)을 반환합니다.

예시

코드 결과
1 | 1 true
1 | 0 true
0 | 0 false
1 & 1 true
1 & 0 false
0 & 0 false
1 ^ 1 false
1 ^ 0 true
0 ^ 0 false
!1 false
!0 true

Simple comparisons

You can compare variables with other variables and literals with the following syntax:

  • <, >Return true if the left-hand operand is less than/greater than the right-hand operand respectively. Watch out: operands are casted to strings and, like it happens in PHP, null < any number === true and null > any number === false.
  • <=, >=Return true if the left-hand operand is less than or equal to/greater than or equal to the right-hand operand respectively. Watch out: operands are casted to strings and, like it happens in PHP, null <= any number === true and null >= any number === false.
  • == (or =), != – Return true if the left-hand operand is equal to/not equal to the right-hand operand respectively.
  • ===, !==Return true if the left-hand operand is equal to/not equal to the right-hand operand AND the left-hand operand is the same/not the same data type to the right-hand operand respectively.
예시 결과
1 == 2 false
1 <= 2 true
1 >= 2 false
1 != 2 true
1 < 2 true
1 > 2 false
2 = 2 true
'' == false true
'' === false false
1 == true true
1 === true false
['1','2','3'] == ['1','2','3'] true
[1,2,3] === [1,2,3] true
['1','2','3'] == [1,2,3] true
['1','2','3'] === [1,2,3] false
[1,1,''] == [true, true, false] true
[] == false & [] == null true
['1'] == '1' false[1]

Built-in variables

The abuse filter passes various variables by name into the parser. These variables can be accessed by typing their name in, in a place where a literal would work. You can view the variables associated with each request in the abuse log.

Variables from AbuseFilter

Variables always available

  경고: User-related variables are always available, except for one case: account creation when the creator is not logged in. All variables starting with user_ are affected, except user_type.
설명 이름 데이터 종류 참고
동작 action 문자열 One of the following: edit, move, createaccount, autocreateaccount, delete, upload[2], stashupload[3]
Unix timestamp of change timestamp 문자열 int(timestamp) gives you a number with which you can calculate the date, time, day of week, etc.
위키의 데이터베이스 이름 ($1) wiki_name 문자열 For instance, this is "enwiki" on the English Wikipedia, and "itwikiquote" on the Italian Wikiquote.
위키의 언어 코드 ($1) wiki_language 문자열 For instance, this is "en" on the English Wikipedia, and "it" on the Italian Wikiquote. Multi-lingual wikis like Commons, Meta, and Wikidata will also report as "en".
사용자의 편집 수 ($1) user_editcount integer/null Null only for unregistered users.
사용자 계정 이름 ($1) (IP in case the user is not registered) user_name 문자열
For "createaccount" and "autocreateaccount" actions, use accountname if you want the name of the account being created.
  경고: On wikis where temporary accounts are enabled, IPs are not returned for unregistered users. Use user_unnamed_ip instead if the IP is needed. More context is available here .
사용자 계정 유형 ($1) user_type string The type of the user, which will be one of ip, temp (if the user is using a temporary account ), named, external, or unknown.
이메일 주소가 인증된 시각 ($1) user_emailconfirm string/null In the format: YYYYMMDDHHMMSS. Null if the email wasn't confirmed.
사용자 계정 만든 후 지난 시간 ($1) user_age 정수 In seconds. 0 for unregistered users.
사용자의 차단 여부 ($1) user_blocked boolean True for blocked registered users. Also true for edits from blocked IP addresses, even if the editor is a registered user who is not blocked. False otherwise.
This doesn't differentiate between partial and sitewide blocks.
사용자 권한 그룹 (자동으로 부여된 권한 포함, $1) user_groups array of strings see Special:ListGroupRights
사용자가 가진 권한 ($1) user_rights array of strings see Special:ListGroupRights
문서 ID ($1) article_articleid 정수 (구식화됨) Use page_id instead.
문서 ID ($1) (can be seen via "page information" link in sidebar) page_id 정수 This is 0 for new pages, but it is unreliable when inspecting past hits. If you need an exact result when inspecting past hits, use "page_age == 0" to identify new page creation. (note that it is slower, though.) This issue has been fixed in 9369d08, merged on September 11th 2023.
문서 이름공간 ($1) article_namespace 정수 (구식화됨) Use page_namespace instead.
문서 이름공간 ($1) page_namespace 정수 refers to namespace index . Check for namespace(s) using expressions like "page_namespace == 2" or "equals_to_any(page_namespace, 1, 3)"
문서의 나이 (단위: 초, $1) page_age 정수 첫 편집 이후 경과한 초 (혹은 새 문서는 0). This is reliable, but it tends to be slow; consider using page_id if you don't need much precision.
이름공간을 뺀 문서 제목 ($1) article_text 문자열 (구식화됨) Use page_title instead.
이름공간을 뺀 문서 제목 ($1) page_title 문자열
전체 문서 제목 ($1) article_prefixedtext 문자열 (구식화됨) Use page_prefixedtitle instead.
전체 문서 제목 ($1) page_prefixedtitle 문자열
문서 편집 보호 수준 ($1) article_restrictions_edit 문자열 (구식화됨) Use page_restrictions_edit instead.
문서 편집 보호 수준 ($1) page_restrictions_edit array of strings
문서 이동 보호 수준 ($1) article_restrictions_move 문자열 (구식화됨) Use page_restrictions_move instead.
문서 이동 보호 수준 ($1) page_restrictions_move array of strings
파일의 올리기 보호 설정 ($1) article_restrictions_upload 문자열 (구식화됨) Use page_restrictions_upload instead.
파일의 올리기 보호 설정 ($1) page_restrictions_upload array of strings
문서의 만들기 보호 설정 ($1) article_restrictions_create 문자열 (구식화됨) Use page_restrictions_create instead.
문서의 만들기 보호 설정 ($1) page_restrictions_create array of strings
이 문서에 마지막으로 기여한 사용자 10명 ($1) article_recent_contributors array of strings (구식화됨) Use page_recent_contributors instead.
이 문서에 마지막으로 기여한 사용자 10명 ($1) page_recent_contributors array of strings This tends to be slow (see #Performance). Try to put conditions more likely evaluate to false before this one, to avoid unnecessarily running the query. This value is empty if the user is the only contributor to the page(?), and only scans the last 100 revisions
이 문서에 처음으로 기여한 사용자 ($1) article_first_contributor 문자열 (구식화됨) Use page_first_contributor instead.
이 문서에 처음으로 기여한 사용자 ($1) page_first_contributor 문자열 This tends to be slow (see #Performance).[4] Try to put conditions more likely evaluate to false before this one, to avoid unnecessarily running the query.

Variables available for some actions

  경고: Always check that the variables you want to use are available for the current action being filtered, e.g. by using the action variable. Failing to do so (for instance using accountname for an edit, or edit_delta for a deletion) will make any code using the variable in question return false.
Edit variables are not available when examining past uploads. (T345896)
설명 이름 Data type Notes
편집 요약/이유 ($1) summary 문자열 Summaries automatically created by MediaWiki ("New section", "Blanked the page", etc.) are created after the filter checks the edit, so they will never actually catch, even if the debugger shows that they should. The variable contains whatever the user sees in the edit summary window, which may include MediaWiki preloaded section titles.[5]
사소한 편집으로 표시할지의 여부 (더 이상 쓰이지 않음) minor_edit 문자열 Disabled, and set to false for all entries between 2016 and 2018.[6]
편집 전 과거 문서의 위키텍스트 ($1) old_wikitext 문자열 This variable can be very large. Consider using removed_lines if possible to improve performance.
편집 후 새 문서의 위키텍스트 ($1) new_wikitext 문자열 This variable can be very large. Consider using added_lines if possible to improve performance.
편집 전후의 차이 ($1) edit_diff 문자열
편집으로 인한 바뀐 내용의 차이가 통합됨, 미리 저장 변형됨 ($1) edit_diff_pst 문자열 This tends to be slow (see #Performance). Checking both added_lines and removed_lines is probably more efficient.[7]
새 문서 크기 ($1) new_size 정수
이전 문서 크기 ($1) old_size 정수
편집에서의 문서 크기 변화 ($1) edit_delta 정수
줄이 편집 중 추가됨, 미리 저장 변형됨 ($1) added_lines_pst array of strings Use added_lines if possible, which is more efficient.
편집 중 추가된 줄 ($1) added_lines array of strings includes all lines in the final diff that begin with +
편집 중 제거된 줄 ($1) removed_lines array of strings
바뀐 글에 포함된 모든 외부 링크 ($1) all_links array of strings This tends to be slow (see #Performance).
편집하기 전의 문서 내 링크 ($1) old_links array of strings This tends to be slow (see #Performance).
편집 중 추가된 모든 외부 링크 ($1) added_links array of strings This tends to be slow (see #Performance). Consider checking against added_lines first, then check added_links so that fewer edits are slowed down. This follows MediaWiki's rules for external links . Only unique links are added to the array. Changing a link will count as 1 added and 1 removed link.
편집 중 제거된 모든 외부 링크 ($1) removed_links array of strings This tends to be slow (see #Performance). Consider checking against removed_lines first, then check removed_links so that fewer edits are slowed down. This follows MediaWiki's rules for external links . Only unique links are added to the array. Changing a link will count as 1 added and 1 removed link.
새 문서 위키 텍스트, 변환을 미리 저장 ($1) new_pst 문자열 This variable can be very large.
편집 후의 HTML 원본 ($1) new_html 문자열 This variable can be very large. Consider using added_lines if possible to improve performance.
편집 후 마크업을 제거한 문서 내용 ($1) new_text 문자열 This variable can be very large. Consider using added_lines if possible to improve performance.
HTML로 구문 분석된 과거 문서의 위키텍스트 (더 이상 쓰이지 않음) old_html 문자열 Disabled for performance reasons.
모든 마크업을 제거한 이전 문서 텍스트 old_text 문자열 Disabled for performance reasons.
마지막 문서 편집 이후의 시간 (단위: 초, $1) page_last_edit_age integer or null null when the page does not exist
파일 내용의 SHA1 해시 ($1) file_sha1 문자열 [2]
파일 크기 ($1) file_size 정수 The file size in bytes[2]
파일의 너비 (단위: 픽셀, $1) file_width 정수 The width in pixels[2]
파일의 높이 (단위: 픽셀, $1) file_height 정수 픽셀 단위로 높이[2]
파일의 컬러 채널 당 비트 ($1) file_bits_per_channel 정수 The amount of bits per color channel[2]
파일의 MIME 타입 ($1) file_mime 문자열 The file MIME type.[2]
파일의 미디어 타입 ($1) file_mediatype 문자열 The file media type.[8][2]
이동 후 문서의 ID ($1) moved_to_articleid 정수 (구식화됨) Use moved_to_id instead.
이동 후 문서의 ID ($1) moved_to_id 정수
이동 후 문서의 제목 ($1) moved_to_text 문자열 (구식화됨) Use moved_to_title instead.
이동 후 문서의 제목 ($1) moved_to_title 문자열
이동 후 문서의 전체 제목 ($1) moved_to_prefixedtext 문자열 (구식화됨) Use moved_to_prefixedtitle instead.
이동 후 문서의 전체 제목 ($1) moved_to_prefixedtitle 문자열
이동 후 문서의 이름공간 ($1) moved_to_namespace 정수
이동 대상 문서의 나이 (단위: 초, $1) moved_to_age 정수
마지막 이동 대상 문서 편집 이후의 시간 (단위: 초, $1) moved_to_last_edit_age integer or null null when the target page does not exist
이동 대상 문서의 편집 보호 수준 ($1) moved_to_restrictions_edit array of string Same as page_restrictions_edit, but for the target of the move.
이동 대상 문서의 이동 보호 수준 ($1) moved_to_restrictions_move array of string Same as page_restrictions_move, but for the target of the move.
이동 대상 파일의 올리기 보호 설정 ($1) moved_to_restrictions_upload array of string Same as page_restrictions_upload, but for the target of the move.
이동 대상 문서의 만들기 보호 설정 ($1) moved_to_restrictions_create array of string Same as page_restrictions_create, but for the target of the move.
이동 대상 문서에 마지막으로 기여한 사용자 10명 ($1) moved_to_recent_contributors array of strings Same as page_recent_contributors, but for the target of the move.
이동 대상 문서에 처음으로 기여한 사용자 ($1) moved_to_first_contributor 문자열 Same as page_first_contributor, but for the target of the move.
이동 전 문서의 이름공간 ($1) moved_from_namespace 정수
이동 전의 제목 ($1) moved_from_text 문자열 (구식화됨) Use moved_from_title instead.
이동 전의 제목 ($1) moved_from_title 문자열
이동 전 문서의 전체 이름 ($1) moved_from_prefixedtext 문자열 (구식화됨) Use moved_from_prefixedtitle instead.
이동 전 문서의 전체 이름 ($1) moved_from_prefixedtitle 문자열
이동 전 문서의 ID ($1) moved_from_articleid 정수 (구식화됨) Use moved_from_id instead.
이동 전 문서의 ID ($1) moved_from_id 정수
이동 원본 문서의 나이 (단위: 초, $1) moved_from_age 정수
마지막 이동 원본 문서 편집 이후의 시간 (단위: 초, $1) moved_from_last_edit_age integer
이동 원본 문서의 편집 보호 수준 ($1) moved_from_restrictions_edit array of string Same as page_restrictions_edit, but for the page being moved.
이동 원본 문서의 이동 보호 수준 ($1) moved_from_restrictions_move array of string Same as page_restrictions_move, but for the page being moved.
이동 원본 파일의 올리기 보호 설정 ($1) moved_from_restrictions_upload array of string Same as page_restrictions_upload, but for the page being moved.
이동 원본 문서의 만들기 보호 설정 ($1) moved_from_restrictions_create array of string Same as page_restrictions_create, but for the page being moved.
이동 원본 문서에 마지막으로 기여한 사용자 10명 ($1) moved_from_recent_contributors array of strings Same as page_recent_contributors, but for the page being moved.
이동 원본 문서에 처음으로 기여한 사용자 ($1) moved_from_first_contributor 문자열 Same as page_first_contributor, but for the page being moved.
계정 생성 시 계정 이름 ($1) accountname 문자열
Content model of the old revision old_content_model 문자열 See Help:ChangeContentModel for information about content model changes
Content model of the new revision new_content_model 문자열 See Help:ChangeContentModel for information about content model changes

Protected variables

A variable can be considered protected. For instance, on wikis with temporary accounts enabled, IPs are considered PII and access to them must be restricted. Protected variables and filters that use them are only accessible to maintainers with the abusefilter-access-protected-vars right. Using a protected variable flags the filter as protected as well. The filter subsequently cannot be unprotected, even if it no longer actively uses a protected variable, as its historical logs will remain available.

Logs generated by protected filters can only be viewed by users with the abusefilter-protected-vars-log right.

The default protected variables are defined in AbuseFilterProtectedVariables in extension.json.

user_unnamed_ip is null when examining past edits.
Description Name Data type Notes
사용자 계정의 IP (로그아웃한 사용자 및 임시 계정에만 해당) ($1) user_unnamed_ip string User IP for anonymous users/temporary accounts
This returns null for registered users.


Variables from other extensions

Most of these variables are always set to false when examinating past edits, and may not reflect their actual value at the time the edit was made. See T102944.
설명 이름 Data type Added by
사용자가 속한 전역 그룹 ($1) global_user_groups array CentralAuth
사용자의 전역 편집 수 ($1) global_user_editcount integer CentralAuth
계정 생성 시 사용자가 속한 전역 그룹 ($1) global_account_groups array Available only when action is createaccount (then it is always empty) or autocreateaccount. CentralAuth
계정 생성 시 사용자의 전역 편집 수 ($1) global_account_editcount integer Available only when action is createaccount (then it is always zero) or autocreateaccount. CentralAuth
이 변경을 수행하기 위해 사용되는 OAuth 컨슈머 ($1) oauth_consumer integer OAuth
구조화된 토론 게시판의 문서 ID board_articleid 정수 (구식화됨) Use board_id instead. StructuredDiscussions
구조화된 토론 게시판의 문서 ID board_id 정수 StructuredDiscussions
구조화된 토론 게시판의 이름공간 board_namespace 정수 refers to namespace index StructuredDiscussions
구조화된 토론 게시판의 제목 (이름공간 제외) board_text 문자열 (구식화됨) Use board_title instead. StructuredDiscussions
구조화된 토론 게시판의 제목 (이름공간 제외) board_title 문자열 StructuredDiscussions
구조화된 토론 게시판의 전체 제목 board_prefixedtext 문자열 (구식화됨) Use board_prefixedtitle instead. StructuredDiscussions
구조화된 토론 게시판의 전체 제목 board_prefixedtitle 문자열 StructuredDiscussions
번역 단위의 소스 본문 translate_source_text 문자열 번역
번역 대상 언어 translate_target_language 문자열 This is the language code, like en for English. 번역
편집이 토르 끝 노드를 통해 바뀌었는지의 여부 ($1) tor_exit_node boolean true if the action comes from a tor exit node. TorBlock
사용자가 모바일 인터페이스를 통해 편집하고 있는지 여부 ($1) user_mobile boolean true for mobile users, false otherwise. 모바일 프론트엔드
사용자가 모바일 앱에서 편집하고 있는지의 여부 ($1) user_app boolean true if the user is editing from the mobile app, false otherwise. 모바일 앱
Page views[1] article_views 정수 (구식화됨) Use page_views instead. HitCounters
Page views[2] page_views 정수 the amount of page views HitCounters
Source page views[3] moved_from_views 정수 the amount of page views of the source page HitCounters
Target page views[4] moved_to_views 정수 the amount of page views of the target page HitCounters
Whether the IP address is blocked using the stopforumspam.com list[5] sfs_blocked boolean Whether the IP address is blocked using the stopforumspam.com list StopForumSpam

Notes

When action='move', only the summary, action, timestamp and user_* variables are available. The page_* variables are also available, but the prefix is replaced by moved_from_ and moved_to_, that represent the values of the original article name and the destination one, respectively. For example, moved_from_title and moved_to_title instead of page_title.

Since MediaWiki 1.28 (gerrit:295254), action='upload' is only used when publishing an upload, and not for uploads to stash. A new action='stashupload' is introduced, which is used for all uploads, including uploads to stash. This behaves like action='upload' used to, and only provides file metadata variables (file_*). Variables related to the page edit, including summary, new_wikitext and several others, are now available for action='upload'. For every file upload, filters may be called with action='stashupload' (for uploads to stash), and are always called with action='upload'; they are not called with action='edit'.

Filter authors should use action='stashupload' | action='upload' in filter code when a file can be checked based only on the file contents – for example, to reject low-resolution files – and action='upload' only when the wikitext parts of the edit need to be examined too – for example, to reject files with no description. This allows tools that separate uploading the file and publishing the file (e.g. UploadWizard or upload dialog ) to inform the user of the failure before they spend the time filling in the upload details.

Performance

As noted in the table above, some of these variables can be very slow. While writing filters, remember that the condition limit is not a good metric of how heavy filters are. For instance, variables like *_recent_contributors or *_links always need a DB query to be computed, while *_pst variables will have to perform parsing of the text, which again is a heavy operation; all these variables should be used very, very carefully. For instance, on Italian Wikipedia it's been observed that, with 135 active filters and an average of 450 used conditions, filters execution time was around 500ms, with peaks reaching 15 seconds. Removing the added_links variable from a single filter, and halving the cases when another filter would use added_lines_pst brought the average execution time to 50ms. More specifically:

  • Use _links variables when you need high accuracy and checking for "http://..." in other variables (for instance, added_lines) could lead to heavy malfunctioning;
  • Use _pst variables when you're really sure that non-PST variables aren't enough.

You may also conditionally decide which one to check: if, for instance, you want to examine a signature, check first if added_lines contains ~~~;

  • In general, when dealing with these variables, it's always much better to consume further conditions but avoid computing heavy stuff.

In order to achieve this, always put heavy variables as last conditions.

Last but not least, note that whenever a variable is computed for a given filter, it'll be saved and any other filter will immediately retrieve it. This means that one single filter computing this variable counts more or less as dozens of filters using it.

Keywords

Where not specifically stated, keywords cast their operands to strings

The following special keywords are included for often-used functionality:

  • like (or matches) returns true if the left-hand operand matches the glob pattern in the right-hand operand.
  • in returns true if the right-hand operand (a string) contains the left-hand operand. Note: empty strings are not contained in, nor contain, any other string (not even the empty string itself).
  • contains works like in, but with the left and right-hand operands switched. Note: empty strings are not contained in, nor contain, any other string (not even the empty string itself).
  • rlike (or regex) and irlike return true if the left-hand operand matches (contains) the regex pattern in the right-hand operand (irlike is case insensitive).
    • The system uses PCRE.
    • The only PCRE option enabled is PCRE_UTF8 (modifier u in PHP); for irlike both PCRE_CASELESS and PCRE_UTF8 are enabled (modifier iu).
  • if ... then ... end
  • if ... then ... else ... end
  • ... ? ... : ...
  • true, false, null

예시

코드 결과 비고
"1234" like "12?4" True
"1234" like "12*" True
"foo" in "foobar" True
"foobar" contains "foo" True
"o" in ["foo", "bar"] True Due to the string cast
"foo" regex "\w+" True
"a\b" regex "a\\\\b" True To look for the escape character backslash using regex you need to use either four backslashes or two \x5C. (Either works fine.)
"a\b" regex "a\x5C\x5Cb" True

기능

A number of built-in functions are included to ease some common issues. They are executed in the general format functionName( arg1, arg2, arg3 ), and can be used in place of any literal or variable. Its arguments can be given as literals, variables, or even other functions.

이름 설명
lcase Returns the argument converted to lower case.
ucase Returns the argument converted to upper case.
length Returns the length of the string given as the argument. If the argument is an array, returns its number of elements.
string Casts to string data type. If the argument is an array, implodes it with linebreaks.
int Casts to integer data type.
float Casts to floating-point data type.
bool Casts to boolean data type.
norm Equivalent to rmwhitespace(rmspecials(rmdoubles(ccnorm(arg1)))).
ccnorm Normalises confusable/similar characters in the argument, and returns a canonical form. A list of characters and their replacements can be found on git, e.g. ccnorm( "Eeèéëēĕėęě3ƐƷ" ) === "EEEEEEEEEEEEE".[9] The output of this function is always uppercase. While not expensive, this function isn't cheap either, and could slow a filter down if called many times.
ccnorm_contains_any Normalises confusable/similar characters in all its arguments, and returns true if the first string contains any string from the following arguments (unlimited number of arguments, logic OR mode). A list of characters and their replacements can be found on git. Due to the usage of ccnorm, this function can be slow if passed too many arguments.
ccnorm_contains_all Normalises confusable/similar characters in all its arguments, and returns true if the first string contains every string from the following arguments (unlimited number of arguments, logic AND mode). A list of characters and their replacements can be found on git. Due to the usage of ccnorm, this function can be slow if passed too many arguments.
specialratio Returns the number of non-alphanumeric characters divided by the total number of characters in the argument.
rmspecials Removes any special characters in the argument, and returns the result. Does not remove whitespace. (Equivalent to s/[^\p{L}\p{N}\s]//g.)
rmdoubles Removes repeated characters in the argument, and returns the result.
rmwhitespace Removes whitespace (spaces, tabs, newlines).
count Returns the number of times the needle (first string) appears in the haystack (second string). If only one argument is given, splits it by commas and returns the number of segments.
rcount Similar to count but the needle uses a regular expression instead. Can be made case-insensitive by letting the regular expression start with "(?i)". Please note that, for plain strings, this function can be up to 50 times slower than count[10], so use that one when possible.
get_matches MW 1.31+ Looks for matches of the regex needle (first string) in the haystack (second string). Returns an array where the 0 element is the whole match and every [n] element is the match of the n'th capturing group of the needle. Can be made case-insensitive by letting the regular expression start with "(?i)". If a capturing group didn't match, that array position will take value of false.
ip_in_range Returns true if user's IP (first string) matches the specified IP range (second string, can be in CIDR notation, explicit notation like "1.1.1.1-2.2.2.2", or a single IP). Only works for anonymous users. Supports both IPv4 and IPv6 addresses.
ip_in_ranges Returns true if user's IP (first string) matches any of the specified IP ranges (following strings in logic OR mode, can be in CIDR notation, explicit notation like "1.1.1.1-2.2.2.2", or a single IP). Only works for anonymous users. Supports both IPv4 and IPv6 addresses.
contains_any Returns true if the first string contains any string from the following arguments (unlimited number of arguments in logic OR mode). If the first argument is an array, it gets casted to string.
contains_all Returns true if the first string contains every string from the following arguments (unlimited number of arguments in logic AND mode). If the first argument is an array, it gets casted to string.
equals_to_any Returns true if the first argument is identical (===) to any of the following ones (unlimited number of arguments). Basically, equals_to_any(a, b, c) is the same as a===b | a===c, but more compact and saves conditions.
substr Returns the portion of the first string, by offset from the second argument (starts at 0) and maximum length from the third argument (optional).
strlen Same as length.
strpos Returns the numeric position of the first occurrence of needle (second string) in the haystack (first string), starting from offset from the third argument (optional, default is 0). This function may return 0 when the needle is found at the beginning of the haystack, so it might be misinterpreted as false value by another comparative operator. The better way is to use === or !== for testing whether it is found. Differently from PHP's strpos(), which returns false when the needle is not found, this function returns -1 when the needle is not found.
str_replace Replaces all occurrences of the search string with the replacement string. The function takes 3 arguments in the following order: text to perform the search on, text to find, replacement text.
str_replace_regexp Replaces all occurrences of the search string with the replacement string using regular expressions. The function takes 3 arguments in the following order: text to perform the search on, regular expression to match, replacement expression.
rescape Returns the argument with some characters preceded with the escape character "\", so that the string can be used in a regular expression without those characters having a special meaning.
set Sets a variable (first string) with a given value (second argument) for further use in the filter. Another syntax: name := value.
set_var Same as set.

예시

코드 결과 비고
length( "Wikipedia" ) 9
lcase( "WikiPedia" ) wikipedia
ccnorm( "w1k1p3d14" ) WIKIPEDIA ccnorm output is always uppercase
ccnorm( "ωɨƙɩᑭƐƉ1α" ) WIKIPEDIA
ccnorm_contains_any( "w1k1p3d14", "wiKiP3D1A", "foo", "bar" ) true
ccnorm_contains_any( "w1k1p3d14", "foo", "bar", "baz" ) false
ccnorm_contains_any( "w1k1p3d14 is 4w3s0me", "bar", "baz", "some" ) true
ccnorm( "ìíîïĩїį!ľ₤ĺľḷĿ" ) IIIIIII!LLLLLL
norm( "!!ω..ɨ..ƙ..ɩ..ᑭᑭ..Ɛ.Ɖ@@1%%α!!" ) WIKIPEDAIA
norm( "F00 B@rr" ) FOBAR norm removes whitespace, special characters and duplicates, then uses ccnorm
rmdoubles( "foobybboo" ) fobybo
specialratio( "Wikipedia!" ) 0.1
count( "foo", "foofooboofoo" ) 3
count( "foo,bar,baz" ) 3
rmspecials( "FOOBAR!!1" ) FOOBAR1
rescape( "abc* (def)" ) abc\* \(def\)
str_replace( "foobarbaz", "bar", "-" ) foo-baz
str_replace_regexp( "foobarbaz", "(.)a(.)", "$2a$1" ) foorabzab
ip_in_range( "127.0.10.0", "127.0.0.0/12" ) true
ip_in_ranges( "127.0.10.0", "10.0.0.0/8", "127.0.0.0/12" ) true
contains_any( "foobar", "x", "y", "f" ) true
get_matches( "(foo?ba+r) is (so+ good)", "fobaaar is soooo good to eat" ) ['fobaaar is soooo good', 'fobaaar', 'soooo good']

Order of operations

Operations are generally done left-to-right, but there is an order to which they are resolved. As soon as the filter fails one of the conditions, it will stop checking the rest of them (due to short-circuit evaluation) and move on to the next filter. The evaluation order is:

  1. Anything surrounded by parentheses (( and )) is evaluated as a single unit.
  2. Turning variables/literals into their respective data. (e.g., page_namespace to 0)
  3. Function calls (norm, lcase, etc.)
  4. 단항 +- (양수와 음수로 정의함, 예를 들어 -1234, +1234)
  5. Keywords (in, rlike, 등)
  6. Boolean inversion (!x)
  7. 거듭제곱 (2**3 → 8)
  8. Multiplication-related (multiplication, division, modulo)
  9. 덧셈과 뺄셈 (3-2 → 1)
  10. 비교 (<, >, ==)
  11. Boolean operations (&, |, ^)
  12. Ternary operator (... ? ... : ...)
  13. Assignments (:=)

예시

  • A & B | C is equivalent to (A & B) | C, not to A & (B | C). In particular, both false & true | true and false & false | true evaluates to true.
  • A | B & C is equivalent to (A | B) & C, not to A | (B & C). In particular, both true | true & false and true | false & false evaluates to false.
  • added_lines rlike "foo" + "|bar" is wrong, use added_lines rlike ("foo" + "|bar") instead.

Condition counting

The condition limit is (more or less) tracking the number of comparison operators + number of function calls entered.

Further explanation on how to reduce conditions used can be found at Extension:AbuseFilter/Conditions .

Exclusions

Although the AbuseFilter examine function will identify "rollback" actions as edits, the AbuseFilter will not evaluate rollback actions for matching.[11]

Notes

  1. Comparing arrays to other types will always return false, except for the example above
  2. 2.0 2.1 2.2 2.3 2.4 2.5 2.6 2.7 The only variables currently available for file uploads (action='upload') are user_*, page_*, file_sha1, file_size, file_mime, file_mediatype, file_width, file_height, file_bits_per_channel (the last five were only added since the release for MediaWiki 1.27 gerrit:281503). All the file_* variables are unavailable for other actions (including action='edit').
  3. Since MediaWiki 1.28 (gerrit:295254)
  4. Several filters (12) that use this variable have showed up in the AbuseFilterSlow Grafana dashboard (requires logstash access to view). Moving this variable to towards the end of the filter seemed to help.
  5. See phabricator:T191722
  6. Deprecated with this commit and disabled with this one.
  7. Some filters using this variable have showed up in the AbuseFilterSlow Grafana dashboard (example, requires logstash access). For instance, instead of using "text" in edit_diff_pst (or even edit_diff), consider something like "text" in added_lines & !("text" in removed_lines)
  8. See the source code for a list of types.
  9. Be aware of phab:T27619. You can use Special:AbuseFilter/tools to evaluate ccnorm( "your string" ) to see which characters are transformed.
  10. https://3v4l.org/S6IGP
  11. T24713 - rollback not matched by AF