1. Find web-shell. Check the logs to the server.
2. Check your website for vulnerabilities to exploit.
3. Change all passwords.
4. Change the access rights to files and directories on a read-only. (although this can bring you some inconvenience.)
5. Remove all the consequences of hacking.
But I’m not going to insert the markup as markup (code), and as text.
I use the backlight sintasisa languages (for example – syntax highlighter or google-code-prettify).
Judging because some pasted text disappears when proper insertion – the fact JavaScript TinyMCE.
