The JavaScript code you are sending (as seen by using print $response) is:
$('override_...').innerHTML="<a href='#' onClick='javascript:makeForm(
+"...", "...", "...");'>...</a>';
but it should be
$('override_...').innerHTML="<a href='#' onClick='javascript:makeForm(
+\"...\", \"...\", \"...\");'>...</a>";
The first double-quote is wrongly closed with a single quote, and you have unescaped double-quotes.
Other potential problems:
- Is $('override_123') valid JavaScript? I've never seen that syntax before, but I have little JavaScript experience.
- Are $componentId, $componentType and $newTitle properly escaped to be used in a JavaScript double-quoted string? (\ => \\, " => \")
- Are $componentId, $componentType and $newTitle properly escaped to be used in an HTML single-quoted value? (& => &, ' => ')
- Is $newTitle properly escaped to be used in HTML? (& => &, < => <)
Update: The following addresses quoting issues:
use strict;
use warnings;
use HTML::Entities qw( encode_entities );
sub js_from_text {
for (@_ ? $_[0] : $_) {
s/([\\"])/\\$1/g;
return qq{"$_"};
}
}
sub html_from_text {
for (@_ ? $_[0] : $_) {
return encode_entities($_);
}
}
my ($text_componentId, $text_componentType, $text_newTitle) = ...;
my $js_component = js_from_text("override_$text_componentId");
my $js_componentId = js_from_text($text_componentId);
my $js_componentType = js_from_text($text_componentType);
my $js_newTitle = js_from_text($text_newTitle);
my $js_onClick = "makeForm($js_componentId, $js_componentType, $
+js_newTitle);";
my $html_onClick = html_from_text($js_onClick);
my $html_newTitle = html_from_text($text_newTitle);
my $html = qq{<a href="#" onClick="javascript:$html_onClic
+k">$html_newTitle</a>};
my $js_html = js_from_text($html);
my $js_response = "\$($js_component).innerHTML = $js_html;";
print("$js_response\n");
There is a situation where hungarian notation is very useful. Making Wrong Code Look Wrong is a worthwhile read.