Form validation
From Joomla! Documentation
Joomla has client-side and server-side form validation capabilities.
Server side validation is essential since everything before that can be overridden on the user side by hackers. However client-side is the most user-friendly validation, so using both is considered best practice.
Client-side Validation[edit]
...is done via JavaScript while the user is filling in the form fields.
It uses the HTML classes required' and validate-[xxx] (with [xxx] being a Joomla or custom rule; e.g. validate-numeric)
More here: Client-side form validation
Server-side validation[edit]
...is done after having submitted the form and will normally return to the form when not validated with some extra messages.
It uses the HTML attributes required ("true" or "required") and validate (with the value being a Joomla or custom rule, e.g. validate="email")
More here: Server-side form validation