This is a conceptual question. In general modern programs are built in 3 layers:
- Presentation
- Business Logic
- Database
As a rule, layer 1 may elect to validate all input in a modern application, providing the user with quick feedback on possible issues (for example a JS popup saying "this is not a valid email address").
Layer 2 always has to do full validation. It's the gateway to the backend and it can check complex relational constraints. It ensures no corrupt data can enter the database, in any way, validated against the application's constraints. Those constraints are oft more complex than what you can check in a database anyway (for example a bank account number here in the Netherlands has to be either 3 to 7 numbers, or 9 or 10 and match a check digit test).
Layer 3 can do validation. If there's only one 'client' it's not a necessity per se, if there's more (especially if there are 'less trusted' users of the same database) it should definitely also be in the database. If the application is mission-critical, it's also recommended to do full validation in the database as well with triggers and constraints, just to have a double guard against bugs in the business logic. The database's job is to ensure its own integrity, not compliance to specific business rules.
There's no clear-cut answers to this one, it depends on what your application does and how important it is. In a banking application - validate on all 3 levels. In an internet forum - check only where it is needed, and serve extra users with the performance benefits.