JavaScripts are inserted into HTML files by means of the SCRIPT element.
<script type="text/javascript" language="JavaScript">
<!--
JavaScript code goes here
//-->
</script>
Note that the actual JavaScript code is placed inside a pair of HTML COMMENT tags, which will prevent browsers that do not support JavaScript from rendering the script as plain text.
Also note the double slash ( // ) before the COMMENT end tag. This makes the line a JavaScript comment, and prevents Netscape® from attempting to interpret the --> as part of the script; Internet Explorer® seems not to do this, and isn't bothered by the //.
The type attribute informs the browser the type of the SCRIPT element's content, which in our case is "text/javascript". This is internally used by browsers to determine how an element's content is to be treated.
This attribute may normally be omitted if your script is fully ECMA compliant, the default. If the script is platform specific, then this must be stated, as in "text/jscript" or "text/vbscript". Older browsers that do not support scripts will simply ignore this.
In the same sense, the language attribute may be set to "JavaScript" for all browsers, or you can specify the following versions: JavaScript 1.4, 1.3, 1.2, 1.1; JScript; or VBScript.
If you specify a language version, only browsers that support that version will attempt to execute the script. The advantage is that the script will run with less risk of errors resulting from differences between versions.
The main drawback, though, is that this prevents non-conforming browsers from even attempting to execute the script. You may have to put something in place of what the script was intended to do in the first place, such that if a browser does skip the script, it does not disorient your readers. Imagine, for example, if the script was supposed to "write" some important header text but is ignored at run time.
If you are working on an official site for an organization,
then you should always make sure to test and run only scripts that will work on most browsers. There is no safer way to prevent errors. If you cannot get a script to work on at least the two major browsers, then there really is no point in using the script at all.
In some cases, instead of writing the code between the SCRIPT start and end tags, you can put it in a separate file with the extension .js, and access that file through the src attribute, as in:
<script language="JavaScript" src="myscript.js"></script>
NOTE: src is an attribute and must be placed inside the start tag.
The separate .js file is best for longer scripts, and for scripts that are to be used more than once on a site, as in a navigation script. This method, though, is supported only in Microsoft® IE 4.0 and Netscape® 4.0 and later; it works in IE 3.0 only if the script does not write any text into the HTML document. This method does not work in Opera® 3.0.
Keep in mind that external .js files should contain only the script code; the SCRIPT and COMMENT tags must not be present in the file; these are used only in inline scripts.
Also note that you cannot include any inline code within the start and end tags of a SCRIPT element ( in the HTML page ) that refers to an external .js source.
Technically, scripts can be placed anywhere in an HTML file,
but here are some points to consider.
If the script writes information to the HTML file, the script needs to be located at the point in the document BODY where the information should be written.
If the script contains functions that will be called by a user-initiated event, such as mouseovers or clicking, the script must be placed in the HEAD of the document, so that the script's functions are parsed ( read and written to memory ) before the browser renders the body, or makes user interaction possible.
Placing scripts in the document HEAD also eliminates the chance of older browsers not supporting JavaScript rendering the script as text.
The succeeding sections of this tutorial provide suggestions on what JavaScript can be used for, and how. 
Some relevant references: