What is the difference between backticks and quotes in JavaScript?

Single quotes ('hello') and double quotes ("hello") create basic strings — you can't embed variables inside them without concatenation. Backticks (`hello ${name}`) create template literals that support variable interpolation with ${}, multi-line text, and expression evaluation. AI defaults to backticks because they handle everything quotes can, plus more.

Fundamentals Beginner 8 min read

What Are Template Literals? The Backtick Strings AI Always Generates

Q: What does ${} do in JavaScript?

Inside a template literal (backtick string), ${} evaluates the JavaScript expression inside it and inserts the result into the string. You can put variables (`${name}`), math (`${price * 1.1}`), function calls (`${getName()}`), ternary expressions (`${isAdmin ? 'Admin' : 'User'}`), or any valid JavaScript expression.

Q: When should I use template literals vs regular strings?

Use template literals when: you need to include variables or expressions in the string, the string spans multiple lines, or you're building HTML, SQL, or URLs dynamically. Use regular quotes for simple strings with no variables ('hello', "world"). In practice, AI uses backticks almost everywhere — it's fine to follow that convention.

Q: What does AI get wrong about template literals?

AI sometimes uses template literals for simple strings with no interpolation (unnecessary but harmless). More importantly, AI sometimes builds SQL queries with template literals directly, which creates SQL injection vulnerabilities: `SELECT * FROM users WHERE id = ${userId}` — never do this. Use parameterized queries instead.

Every time AI writes JavaScript for you, strings look different than what you might expect — wrapped in backticks with ${} sprinkled inside. Here's what they do, why AI prefers them, and when they can get you in trouble.

By The AI-Enabled Coder Published March 17, 2026 Tested with JavaScript ES2022, Node.js 22.x

TL;DR

Template literals use backticks (`) instead of quotes. They let you embed variables directly with ${variable}, write multi-line strings, and include expressions. `Hello, ${name}!` is cleaner than 'Hello, ' + name + '!'. AI generates backticks by default. The only danger: never use them to build SQL queries directly — that creates injection vulnerabilities.

Why AI Coders See Backticks Everywhere

If you've looked at any AI-generated JavaScript, you've seen strings like this:

const greeting = `Hello, ${user.name}! You have ${count} new messages.`
const url = `https://api.example.com/users/${userId}/posts`
const html = `<div class="card">
  <h2>${title}</h2>
  <p>${description}</p>
</div>`

These are template literals. AI uses them instead of regular quotes because they handle everything quotes can do, plus variable embedding and multi-line text — without messy string concatenation.

The Three Superpowers

1. String Interpolation: ${}

const name = 'Chuck'
const role = 'AI-enabled developer'

// Old way: string concatenation (what you might write manually)
const bio = 'Hi, I\'m ' + name + ' and I\'m a ' + role + '.'
// Hard to read, easy to miss a quote or space

// Template literal way (what AI always generates)
const bio = `Hi, I'm ${name} and I'm a ${role}.`
// Clean, readable, no quote escaping needed

Inside ${}, you can put any JavaScript expression — not just variables:

// Math
const total = `Your total: $${(price * quantity * 1.08).toFixed(2)}`

// Function calls
const greeting = `Welcome back, ${user.getName().toUpperCase()}!`

// Ternary (if/else in one line)
const status = `User is ${isActive ? 'online' : 'offline'}`

// Object properties
const message = `Order #${order.id} shipped to ${order.address.city}`

2. Multi-Line Strings

// Regular strings: need \n for newlines
const oldWay = 'Line 1\nLine 2\nLine 3'

// Template literals: just press Enter
const newWay = `Line 1
Line 2
Line 3`

// This is huge for HTML generation:
const card = `
  <article class="post-card">
    <h2>${post.title}</h2>
    <p>${post.excerpt}</p>
    <span class="date">${post.date}</span>
  </article>
`

3. No Quote Escaping

// With single quotes: must escape apostrophes
const msg = 'It\'s Chuck\'s app and he\'s proud of it'

// With double quotes: must escape inner quotes
const html = "<div class=\"wrapper\"><p class=\"text\">Hello</p></div>"

// With backticks: no escaping needed for either
const msg = `It's Chuck's app and he's proud of it`
const html = `<div class="wrapper"><p class="text">Hello</p></div>`

Where AI Uses Template Literals

Pattern	Example
API URLs	`/api/users/${userId}/posts`
Error messages	`Failed to load ${resource}: ${error.message}`
HTML generation	`<li class="${isActive ? 'active' : ''}">${name}</li>`
Log messages	`[${timestamp}] ${level}: ${message}`
CSS classes	`btn ${variant} ${size}`
SQL (⚠️ dangerous)	`SELECT * FROM users WHERE id = ${id}` — NEVER do this

What AI Gets Wrong

🚨 Critical: SQL Injection via Template Literals

// DANGEROUS — AI sometimes generates this:
const query = `SELECT * FROM users WHERE email = '${userEmail}'`
// If userEmail is: ' OR 1=1; DROP TABLE users; --
// The query becomes: SELECT * FROM users WHERE email = '' OR 1=1; DROP TABLE users; --'
// Your database is gone.

// SAFE — use parameterized queries:
const result = await db.query('SELECT * FROM users WHERE email = $1', [userEmail])
// The $1 is a parameter — the database treats it as data, never as SQL code

This is the single most dangerous pattern AI generates with template literals. See our SQL injection guide for the complete story.

Using Backticks for Simple Strings (Harmless)

// AI generates:
const name = `Chuck`  // Backticks with no interpolation

// Equivalent to:
const name = 'Chuck'  // Regular quotes

// This is harmless — just unnecessary. Some style guides prefer quotes for
// non-interpolated strings, but it doesn't matter functionally.

What to Learn Next

Frequently Asked Questions

What are template literals in JavaScript?

Template literals are strings wrapped in backticks (`) instead of quotes. They let you embed variables and expressions directly with ${}, span multiple lines without escape characters, and nest expressions including function calls. AI uses them almost exclusively because they're cleaner and more flexible than regular quoted strings.

What is the difference between backticks and quotes?

Single/double quotes create basic strings — to include a variable, you concatenate: 'Hello, ' + name. Backticks create template literals supporting interpolation: `Hello, ${name}`. Backticks also support multi-line strings and don't require escaping quotes inside the string. AI defaults to backticks because they handle everything quotes can, plus more.

What does ${} do in JavaScript?

Inside a template literal (backtick string), ${} evaluates any JavaScript expression and inserts the result into the string. You can use variables (${name}), math (${price * 1.1}), function calls (${getName()}), ternary expressions (${x ? 'yes' : 'no'}), or any valid JavaScript expression inside the brackets.

When should I use template literals vs regular strings?

Use template literals when the string includes variables, expressions, or spans multiple lines. Use regular quotes for simple strings with no interpolation. In practice, AI uses backticks nearly everywhere — following that convention is fine. The one exception: never use template literals to build SQL queries directly. Use parameterized queries to prevent injection attacks.

What does AI get wrong about template literals?

The critical mistake: building SQL queries with template literals (`SELECT * FROM users WHERE id = ${userId}`), which creates SQL injection vulnerabilities. Always use parameterized queries instead. AI also sometimes uses backticks for simple strings with no interpolation — harmless but unnecessary. The SQL injection issue is the one that can actually destroy your database.