When building web applications, it is important you take security seriously, especially when it has to do with collecting data from users.
It is a common maxim in security to trust nobody, hence never trust the user to enter correct or valid form values. For example, in an email form field, instead of entering a valid email address, the user might enter an invalid one or malicious data obviously ignoring the intent of the request.
When it comes to validating form values, it can be done on the client-side (web browser) and on the server-side (using your preferred server-side language).
In an article i wrote for Sitepoint, i explained how validating form values,can be done on the client-side (web browser).
Read full tutorial here => Client-Side Form Validation with HTML5