From what you are saying the way that the templating system is working is to arbirarily insert vars into the HTML as a pre-process. As such it can arbitrarily break your javascript before it can run. In this case by far the easiest solution, in fact probably the only solution will be to attack the source and send correctly escaped strings s/([^\w])/\\$1/g;

The only other possible solution that occurs to me is trick the javascript thusly (pseudo code)

<script>
/*
<VAR1>
$var1
</VAR1>
<VAR2>
$var2
</VAR2>
*/


// now provided $var1 and $var2 did not contain the */ sequence
// we should have all their values in pseudo XML within our 
// script. so now all we need to do is read the comment 
// somehow (don't know how but document.me.content.value or some 
// such probably holds the entire HTML text) and then use some regex
// magic to extract the values we want

// begin magic...

</script>
[download]

We trick the javacript to thinking that

cheers

tachyon

s&&rsenoyhcatreve&&&s&n.+t&"$'$`$\"$\&"&ee&&y&srve&&d&&print