Is connecting to database from client-side script a potential security hazard?

Like in topic.

Should i make database manger logic in server-side script, or client-side?

Yes. very much this.

Can you explain the potential risks?

Do Client-side files get downloaded to the Client’s PC?

What about the Server ones? I want to understand it clearly.

Yeah, that’s the meaning of client side: it is downloaded to and runs from the client’s machine.