Wikipedia:Edit filter/Traps and pitfalls

This page covers some common mistakes made by edit filter managers. For the full documentation, see Edit filter/Documentation and mw:Extension:AbuseFilter.

Throttling
When applying a throttle to an edit filter, it is important that you do so using both the  and   variables wherever possible (as opposed to using either or).

Throttling by  alone throttles by user id, not by username. All logged out editors share one user id, which is. This may cause false positives and issues if many anonymous users unrelated to one another match the filter conditions when saving edits.

Throttling by  alone throttles logged in editors by their underlying IP address. Do not use only the  variable when applying a throttle, unless the filter specifically targets logged out or anonymous users only.

user_rights
The  variable only contains the user's current rights. If the user has logged in using a bot password, or is editing with an OAuth application,  may be limited. For example, it looks like we could exclude extended confirmed users, bots, and administrators with but this will not work as expected if the user did not grant  when setting up a bot password. Instead, just specify the groups explicitly:

Test/examine interface and recent changes
Some variables at Special:Abusefilter/test and Special:AbuseFilter/examine will have different values from what they would have been had the filter actually tripped at the time of the change.

Suppose that Alice, as her first edit, adds the string "Hello, world! ~ " to a page that has only ever been edited by Bob. She then makes 20 more edits.

One week later, we look at her edit with Special:AbuseFilter/examine. Some results may be surprising:

Order of operations
and other keywords have a higher precedence than. This does not check if  contains "foo" or "bar": Instead use:

norm and repeating characters
The norm function performs the following modifications to the string value to it in the following specific execution order:
 * 1) It begins by replacing confusing characters, or characters that are often used to spoof or maliciously bypass edit filter conditions.
 * 2) It then removes any repeating characters that are next to one another, leaving one character remaining. For example: string "ABC12345555556" would become "ABC123456".
 * 3) All special characters (such as _, +, :, #, $. %, {, etc.) are then stripped and removed.
 * 4) Lastly, all whitespace characters are stripped and removed from the string.

This can lead to unexpected results if one is unaware of the function's specific execution order:

You may be asking yourself, "what happened here?" Take a look below to see how the norm function's execution order modifies string_example step-by-step:

When in doubt, use the debugging tool to assist you.

Creating a tag
Tags are created automatically when a filter is saved. Do not use the interface at the top of Special:Tags, unless you also want to activate the tag for manual use. Mistakenly activated tags may be deactivated from Special:Tags.

Be careful with arrays
The only operation that really works with arrays is. Other operations will implicitly cast an array to a string first. This could give an unintuitive result. For example,  is in fact equivalent to. Therefore, when  is 1, 2, 3, or 4, the expression will be evaluated to true as well. In the above case, use  as a workaround instead.

On the other hand, if you want to compute the amount of text added (removed), you might be tempted to use,   or similar. However,,   and   do not implicitly cast arrays to string and will return the length of the array (i.e., number of lines), not the character count, instead. The cast needs to be explicit, i.e.,.

Be careful with division
One might expect that  will check if   is either 0 or 1. However, the division operation in fact doesn't discard the remainder. That means, if the numerator is not divisible by the denominator, the result will be a float. In the above case, use  instead.

Numeric comparisons with null
Like in PHP,  is smaller than any number, i.e.   is true. This is especially problematic when using : if the action being filtered is not an edit,   will evaluate to true. Remember to check that  when using   like that.

Disappearing filter logs
Filter logs can disappear under these circumstances: 1) If an edit is saved and then rev-deleted or oversighted, then the filter log disappears from view (including from sysops). 2) Oversighters can remove the logs of either saved or unsaved edits. Edit filter counters will always increment, therefore, a filter may have fewer visible logs than the number of hits.

Inconsistent naming of some variables
For historical reasons, some variable names do not fit the general naming pattern: