Does anyone have any insight?
To be more concise, my question is really about how teams of people manage the 'papertrail' when it comes to duplication of logic (or how the front end access the backend as suggested by Fanis below), rather than the actual implementation. For example, do you leave comments in the backend code saying "front end copies/accesses this bit" or is there a more 'professional' way to keep track of what's doing what?
Whichever part actually uses the data should be the one with the final say, ie the backend, and it should have the strictest validation rules. For me validation in the front end is there to improve user experience, so that the user gets faster feedback on what's wrong with his input without waiting for a page reload. I would be ok with the front end having a small subset of the most generic validation rules (ie fields empty, malformed email addresses etc) and let the back end do any heavy lifting (eg duplicate entries detection).
However, if you need to bring full validation to the front end, consider this:
This way you only have 1 copy of the validation rules, in your backend.
Note that you would be doing the validation twice, and if it's expensive (ie duplicates detection with heuristics over a large data set) perhaps that's not desireable. You could solve that by storing the form data in the user's session during the first validation if no error was found. Then when the form is actually submitted the backend won't re-validate it.
have you looked at nodejs lately? with a bit of work and the appropriate framework (like, mootools) you can run literally the same validation classes both client and server side.