My question may be a little vague, but very useful for me.
The question is, do I have a site where I am not validating forms with PHP but yes with javascript , is there any way for the user to disable the javascript's on the server and cause it to send data without going through the verification?
Guilherme, any and all validation on the client side is ineffective to ensure the integrity of your data. But they are important because using them makes your page more user friendly and reduces the data load to the server, since it will have a reduced number of requests with uncorrected data.
Finally, you do not have any control over the browser, and your user has complete control over it, it can disable javascript, cookies, notifications, storage and etc ... So it's "normal" that one user accesses your page without JavaScript.
On the other hand server side validation can guarantee data integrity, and prevent erroneous or malicious data from being processed, but if you decide to only perform validation on the server, you can end up with a bad experience and the server overloaded unnecessarily.
So the ideal is to do validation at both ends (client and server).
