eni23/gist:503e509610838dca3b10

## gistfile1.php
<?php
define('DB_USER', 'dbuser');
define('DB_PASSWORD', 'dbpass');
$db = mysql_connect('localhost', DB_USER, DB_PASSWORD);
mysql_select_db("dbname",$db);

$result = mysql_query("SELECT ID, post_content FROM wp_posts");
while ($row = mysql_fetch_array($result)) {
        $match=strpos($row[1],"<script");
        if ($match){
                echo "Post with ID {$row['ID']} seems infected, cleanup\n";
                $cleaned = preg_replace('#<script(.*?)>(.*?)</script>#is', '', $row[1]);
                $escaped=mysql_real_escape_string($cleaned);
                $query="UPDATE wp_posts SET post_content='{$escaped}' WHERE ID={$row[0]} LIMIT 1";
                $res=mysql_query($query);
        }
}
	<?php
	define('DB_USER', 'dbuser');
	define('DB_PASSWORD', 'dbpass');
	$db = mysql_connect('localhost', DB_USER, DB_PASSWORD);
	mysql_select_db("dbname",$db);

	$result = mysql_query("SELECT ID, post_content FROM wp_posts");
	while ($row = mysql_fetch_array($result)) {
	$match=strpos($row[1],"<script");
	if ($match){
	echo "Post with ID {$row['ID']} seems infected, cleanup\n";
	$cleaned = preg_replace('#<script(.?)>(.?)</script>#is', '', $row[1]);
	$escaped=mysql_real_escape_string($cleaned);
	$query="UPDATE wp_posts SET post_content='{$escaped}' WHERE ID={$row[0]} LIMIT 1";
	$res=mysql_query($query);
	}
	}