[eluser]slowgary[/eluser]
I have to disagree pbreit, that stance is very insecure. Any client side (JavaScript) validation can't be trusted. Anyone can easily turn off JavaScript in their browser. It's like an ATM machine that asks "Is the PIN number you entered correct, YES or NO?". Of course ATM machines don't do that because it would be insecure. That's why it's called "client side". You can't ask the client to verify their own information. The only secure way is for the server to do it.
Javascript validation is useful, however, to improve user experience, where a user filling out a form might be able to see that they've done something wrong BEFORE they submit it.
This is NOT my opinion, it is fact. Do not trust the client to verify their own data.