On typical web development we need to sort user validation server side, users can get around javascript easily, but I was wondering how important this is on a phonegap application?
If I put up javascript validation on my web forms, should I still spend time making sure user input is valid on server side?
I guess what I am trying to get at is, can the user manipulate my javascript on hybrid based applications?
Short: you should always worry about server side validation.
Long: Javascript cannot easily be manipulated within the app, but rest assured that the frontend is never safe. In fact, the Javascript and HTML/CSS of a Phonegap application can easily be extracted and they could rebuild your app with just a few differences.
In addition, anybody could fire calls to your backend services (from self-built front-ends, REST clients or anything really), so be very sure that your services are safe and that your data is validated..!