Well server validation is the most solid, since javascript can be bypassed. Client validation is a better user experience and often simpler to implement since you don't have to submit the page. I usually will use both, but on sites that I'm not really worried about hacking and bad values entered maliciously (like admin back ends) then javascript validation is sufficient and you can skip server since it would never be used if the client validation works properly.