It is quite a fun developing a web application this summer for NITD Alumni. Working at such a professional level is tough, but it definitely teaches you plenty of new stuff.
While working on this project I came across a major problem with validation. Since the application is supposed to store profiles of alumni's and present students, we need a lot of validation work. Any wrong data will make the database useless, and also we want to put the best user experience forward. So the idea is to give the user the least number of controls and still collect the most amount of data possible.
Initially, I decided to use client side validation using javascript as that would speed up the process as well provide an enhanced user experience. But how much I tried, javascript was easy to hack and anyone could submit garbage data into the form. So finally it was decided to do server side validation using PHP.
Now to make our plans, we did both client side and server side validation. The obvious question is how will this help! Well the client side validation does most of the work, make the interface fast to use and gives a superior user interface. On the other hand the server side code gives a secure backend. So the before the data is written onto the database, the server side validation makes it foolproof and writes it down.
Hence, for a site to work out proper and secure validation techniques, it needs to have both client side and server side validation.
P.S. For those of you looking for client side validation, look out for the jquery.validate.js and additional-methods.js. They contain almost all the necessary validations. And obviously you can write down a few of your own. :)