PHP works on Server. So Server side validations work when the client side validations fail to work ( if the java script is turned off).
These validations are typically checked for empty values, numbers only, valid email addresses etc. these validations are very essential to avoid SQL injection attacks.
Example: to check if name is entered
// Validate the name
// the user's surname cannot be a null string
$errorString .= "\n<br>The name field cannot be blank.";