They should also be validated once they reach the server and before inserting into the database (or is calling the PHP directly with junk entries a billion times going to be acceptable?
They should also be validated once they reach the server and before inserting into the database (or is calling the PHP directly with junk entries a billion times going to be acceptable?