How to Validate Web Forms
Form validation is the process by which you examine the data from a web form to make sure it's the correct and expected data in the right format. There are two general types of validation, client-side and server-side.
Server-side validation occurs in the code running on the server, in this case, the PHP code.
Always assume bad data
Rule #1 in programming is to always assume that the data you're receiving is incorrect and only after it's been proven correct should it be used. Working with this assumption greatly simplifies your task as a programmer.
With this assumption, you no longer need to try to think of every way that a user could break your program. Rather, you merely need to think about the correct way to use it, and then make sure that your version of correctness is being followed.
Sometimes mirror client- and server-side validation