As a free time coder, i'm writing a nonprofit jobmediation website for students. I'm using primarily php but since i heard about a friend's website became a pishing script inserted over his contactform, i'm worried about my own protection. I'm not very skilled in writing safe contactforms and input validations, which is why i'm considering to write the whole site again in js. Would you estimate javascript as save enough for beginners or would you recommend continuing coding with php? I'm scared for beeing made responsible for a website which is mostly for practicing purposes.
If you don't know how to program properly, if you're oblivious to best practices, you'll make a mess of it in anything, be it JavaScript or PHP.
If you're not "very skilled" that's because you haven't got a basis for how to do it correctly. There are guides for PHP that explain this in more detail.
Remember that whatever validation you do on the client side must be done on the server as well.
Ideally you'll want to use a development framework like Laravel to avoid having to write everything from scratch. This applies to any language you're using, as JavaScript can be just as bad if working from the ground up.
If you're intent on re-writing, you might consider Ruby on Rails which is very forgiving and hard to get wrong from a security perspective if you follow their guidelines.