R
The problem you are suffering is due to mixing the local date formats that are used internally in both the database and the browser.I'm going to try to recommend changes so that everything is at the same date data format level.DatabaseTo start, I assume the field fechaactual of the database is correctly configured as DATE and not as a generic text (VARCHAR, CHAR, TEXTetc.).In the event not to be, the stored information should be migrated to the correct format as follows:UPDATE registros
SET fechaactual = STR_TO_DATE(fechaactual, '%d-%m-%Y');
ALTER TABLE registros
MODIFY fechaactual DATE;
You can see an example online https://www.db-fiddle.com/f/56ZA29M6QAD7AezVkLUV58/0 .In the first SQL instruction I make a string conversion that is in format, for example, dd-mm-aaaa to format aaaa-mm-dd expected in a field DATE.In the second instruction I convert the field to type DATE (which would be ideal).Current dateYou must think of a https://developer.mozilla.org/es/docs/Web/HTML/Elemento/input/date#Valor shows the user the date in local settings, but internally stores it and must indicate it in format aaaa-mm-dd:<input type="date" name="fechahoy" value="<?= date('Y-m-d') ?>" class="input-50" readonly>
If you use a type field <input type="text" /> and allow the user to make use of a local date format, you cannot use that date in an SQL query if the fields are in formats DATE, DATETIME, TIMESTAMP, etc. because in the database they are represented as aaaa-mm-dd or aaaa-mm-dd hh:mm:ss.FormIn this case I recommend not to mention the local format. Users who have the operating system in another local configuration may have problems for the browser to validate the date as you indicate.Nor would it put the attribute maxlength and the button would not give value (so that a text of which you will not use is not sent):<form action="reporte.php" method="POST" class="form-inline my-2 my-lg-0 sclass">
<input type="date" name="fechainc" placeholder="Fecha inicio" required class="form-control mr-sm-2"><br/>
<input type="date" name="fechafin" placeholder="Fecha final" required class="form-control mr-sm-2">
<button type="submit" class="btn btn-outline-success my-2 my-sm-0">Generar</button>
</form>
Script PHPIn the PHP script I have made several changes that are commented on in the code:<?php
/* Una construcción del lenguaje no requiere paréntesis, no tiene parámetros */
require 'conex.php';
/* Antes de hacer uso de variables POST comprobamos su existencia /
if(empty($_POST['fechainc']) === false
&& empty($_POST['fechafin']) === false
) {
/ Escapamos las fechas para evitar inyección SQL */
$fecha1 = $conex->real_escape_string($_POST['fechainc']);
$fecha2 = $conex->real_escape_string($_POST['fechafin']);
/* Enviamos las cabeceras para la descarga del archivo */
header('Content-Type: text/csv; charset=utf-8');
header('Content-Disposition: attachment; filename="Reporte_Registros(PRISMA).csv"');
$salida = fopen('php://stdout', 'w');
fputcsv(
$salida,
array(
'ID Registro',
'Chasis',
'Acoplado',
'Operatoria',
'Sector',
'Producto',
'Datos Chofer',
'Datos Transporte',
'R.U.T.A. Chasis',
'R.U.T.A. Acoplado',
'R.T.O. Chasis',
'R.T.O. Acoplado',
'Extintor',
'Licencia',
'Empresa de Seguro',
'Seguro Chasis',
'Seguro Acoplado',
'Arrestallamas',
'E.P.P.',
'Estado Cisterna',
'Estado Check',
'Fecha Registro',
'Registro',
'Comentarios'
),
";"
);
/* Ahora puedo usar las variables ya que el contenido ha sido escapado a SQL */
$reporteCsv = $conex->query("
SELECT *
FROM registros
WHERE fechaactual BETWEEN '$fecha1' AND '$fecha2'
ORDER BY fechaactual DESC
");
/* Procura hacer uso SIEMPRE de las llaves {} aunque sólo haya una instrucción /
while ($filaR = $reporteCsv->fetch_assoc()) {
fputcsv(
$salida,
array(
$filaR['idregistros'],
$filaR['patchasis'],
$filaR['patacoplado'],
$filaR['operatoria'],
$filaR['sector'],
$filaR['producto'],
$filaR['datoschofer'],
$filaR['datostransporte'],
$filaR['rutachasis'],
$filaR['rutaacoplado'],
$filaR['vtochasis'],
$filaR['vtoacoplado'],
$filaR['extintor'],
$filaR['licencia'],
$filaR['nombreseguro'],
$filaR['segurochasis'],
$filaR['seguroacoplado'],
$filaR['arrestallamas'],
$filaR['epp'],
$filaR['estadocisterna'],
$filaR['estadocheck'],
$filaR['fechaactual'],
$filaR['registro'],
$filaR['comentarios']
),
";"
);
}
}
/ No es necesario ni recomendable cerrar la etiqueta si sólo hay código PHP */
I highlight one of the most important modifications: to avoid https://www.youtube.com/watch?v=EpKIhF7naSY related to the https://es.wikipedia.org/wiki/Inyecci%C3%B3n_SQL , you should use (e.g.) the function https://php.net/es/mysqli.real-escape-string to escape the content of the variables to SQL.
