Validating data is one of the most common and important operations in an enterprise solution. Whatever your application domain is, you should always validate your data against the proposed business constraints, and in the different layers of your application. You should always validate data entered directly by the user (in the presentation layer), data received by your web services, data received by your business objects, and data before being sent to the database (in the data access layer).
But why you should validate your data in all application layers rather than the presentation layer, which has direct contact with your end user?Â
The answer is this: you may expose a web service layer to allow integration with third parties, or even have a set of web services to support your frontend without an intent to expose them to third parties...