[list=1][]Use " to escape a double quotation mark in HTML.
[]You must escape ‘&’ characters as &.
[]Don’t use the javascript: pseudo-scheme in the href; return false from the event handler instead.
[]Don’t prefix javascript: in the onclick attribute! It’s not a URI, and you’re just putting a completely useless label in there![/list]
Instead of adding JavaScript to the head, put the JavaScript at the bottom of the body and then you can run it straight away knowing that the DOM elements it is referenceing already exist.
If using an <a> tag then the href must point to the web page that you want your visitors without JavaScript to get to if they click on the link. If you don’t want those visitors to have anything happen when they click the image then replace the <a> with a <span> so that there is no default action.