diff --git a/app/recordings/recording_edit.php b/app/recordings/recording_edit.php
index 2751b928b..ab83e9fa8 100644
--- a/app/recordings/recording_edit.php
+++ b/app/recordings/recording_edit.php
@@ -17,7 +17,7 @@
 
 	The Initial Developer of the Original Code is
 	Mark J Crane <markjcrane@fusionpbx.com>
-	Portions created by the Initial Developer are Copyright (C) 2008-2025
+	Portions created by the Initial Developer are Copyright (C) 2008-2026
 	the Initial Developer. All Rights Reserved.
 
 	Contributor(s):
@@ -87,6 +87,32 @@
 		//$languages = $transcribe->get_languages();
 	}
 
+// Set variables from http GET parameters
+	$page = is_numeric($_GET['page'] ?? '') ? $_GET['page'] : 0;
+	$order_by = preg_replace('#[^a-zA-Z0-9_\-]#', '', ($_GET['order_by'] ?? 'recording_name'));
+	$order = ($_GET['order'] ?? '') === 'desc' ? 'desc' : 'asc';
+	$search = $_GET['search'] ?? '';
+	$show = $_GET['show'] ?? '';
+
+// Build the query string
+	$param = [];
+	if (!empty($page)) {
+		$param['page'] = $page;
+	}
+	if (!empty($_GET['order_by'])) {
+		$param['order_by'] = $order_by;
+	}
+	if (!empty($_GET['order'])) {
+		$param['order'] = $order;
+	}
+	if (!empty($search)) {
+		$param['search'] = $search;
+	}
+	if (!empty($show) && $show == 'all' && permission_exists('recording_all')) {
+		$param['show'] = $show;
+	}
+	$query_string = http_build_query($param);
+
 //get recording id
 	if (!empty($_REQUEST["id"]) && is_uuid($_REQUEST["id"])) {
 		$recording_uuid = $_REQUEST["id"];
@@ -145,7 +171,7 @@
 				$obj->delete($array);
 
 				//redirect
-				header('Location: recordings.php');
+				header('Location: recordings.php'.($query_string ? '?'.$query_string : ''));
 				exit;
 			}
 		}
@@ -154,7 +180,7 @@
 		$token = new token;
 		if (!$token->validate($_SERVER['PHP_SELF'])) {
 			message::add($text['message-invalid_token'],'negative');
-			header('Location: recordings.php');
+			header('Location: recordings.php'.($query_string ? '?'.$query_string : ''));
 			exit;
 		}
 
@@ -282,7 +308,7 @@
 				message::add($text['message-update']);
 
 				//redirect
-				header("Location: recording_edit.php?id=".$recording_uuid);
+				header("Location: recording_edit.php?id=".$recording_uuid.($query_string ? '&'.$query_string : ''));
 				exit;
 			}
 		}
@@ -323,7 +349,7 @@
 	echo "<div class='action_bar' id='action_bar'>\n";
 	echo "	<div class='heading'><b>".$text['title-edit']."</b></div>\n";
 	echo "	<div class='actions'>\n";
-	echo button::create(['type'=>'button','label'=>$text['button-back'],'icon'=>$settings->get('theme', 'button_icon_back'),'id'=>'btn_back','link'=>'recordings.php']);
+	echo button::create(['type'=>'button','label'=>$text['button-back'],'icon'=>$settings->get('theme', 'button_icon_back'),'id'=>'btn_back','link'=>'recordings.php'.($query_string ? '?'.$query_string : '')]);
 	if (permission_exists('recording_delete') && !empty($recording_uuid) && is_uuid($recording_uuid)) {
 		echo button::create(['type'=>'button','label'=>$text['button-delete'],'icon'=>$settings->get('theme', 'button_icon_delete'),'name'=>'btn_delete','style'=>'margin-left: 15px;','onclick'=>"modal_open('modal-delete','btn_delete');"]);
 	}
diff --git a/app/recordings/recordings.php b/app/recordings/recordings.php
index f50e7cda2..a726b899c 100644
--- a/app/recordings/recordings.php
+++ b/app/recordings/recordings.php
@@ -65,10 +65,34 @@
 	$theme_button_icon_play = $settings->get('theme','button_icon_play');
 	$theme_button_icon_reset = $settings->get('theme','button_icon_reset');
 
+// Set variables from http GET parameters
+	$page = is_numeric($_GET['page'] ?? '') ? $_GET['page'] : 0;
+	$order_by = preg_replace('#[^a-zA-Z0-9_\-]#', '', ($_GET['order_by'] ?? 'recording_name'));
+	$order = ($_GET['order'] ?? '') === 'desc' ? 'desc' : 'asc';
+	$search = $_GET['search'] ?? '';
+	$show = $_GET['show'] ?? '';
+
+// Build the query string
+	$param = [];
+	if (!empty($page)) {
+		$param['page'] = $page;
+	}
+	if (!empty($_GET['order_by'])) {
+		$param['order_by'] = $order_by;
+	}
+	if (!empty($_GET['order'])) {
+		$param['order'] = $order;
+	}
+	if (!empty($search)) {
+		$param['search'] = $search;
+	}
+	if (!empty($show) && $show == 'all' && permission_exists('recording_all')) {
+		$param['show'] = $show;
+	}
+	$query_string = http_build_query($param);
+
 //set additional variables
 	$action = $_REQUEST["action"] ?? '';
-	$search = $_REQUEST["search"] ?? '';
-	$show = $_GET['show'] ?? '';
 
 //download the recording
 	if ($action == "download" && (permission_exists('recording_play') || permission_exists('recording_download'))) {
@@ -173,7 +197,7 @@
 
 		//set the file name to be inserted as the recording description
 			$recording_description = $_FILES['file']['name'];
-			header("Location: recordings.php?rd=".urlencode($recording_description));
+			header("Location: recordings.php?rd=".urlencode($recording_description).($query_string ? '&'.$query_string : ''));
 			exit;
 	}
 
@@ -275,7 +299,7 @@
 
 		//redirect
 			if ($_GET['rd'] ?? '') {
-				header("Location: recordings.php");
+				header("Location: recordings.php".($query_string ? '?'.$query_string : ''));
 				exit;
 			}
 	}
@@ -297,17 +321,10 @@
 				break;
 		}
 
-		header('Location: recordings.php'.($search != '' ? '?search='.urlencode($search) : ''));
+		header('Location: recordings.php'.($query_string ? '?'.$query_string : ''));
 		exit;
 	}
 
-//get order and order by
-	$order_by = $_GET["order_by"] ?? '';
-	$order = $_GET["order"] ?? '';
-
-//add the search term
-	$search = $_REQUEST["search"] ?? '';
-
 //get the total recordings from the database
 	$sql = "select count(*) from v_recordings ";
 	$sql .= "where true ";
@@ -321,20 +338,14 @@
 		$sql .= "	or lower(recording_filename) like :search ";
 		$sql .= "	or lower(recording_description) like :search ";
 		$sql .= ") ";
-		$parameters['search'] = '%'.strtolower($search).'%';
+		$parameters['search'] = '%'.lower_case($search).'%';
 	}
 	$num_rows = $database->select($sql, $parameters ?? null, 'column');
 
 //prepare to page the results
 	$rows_per_page = ($domain_paging != '') ? $domain_paging : 50;
-	$param = "&search=".urlencode($search);
-	if ($show == "all" && permission_exists('recording_all')) {
-		$param .= "&show=all";
-	}
-	$param .= "&order_by=".$order_by."&order=".$order;
-	$page = isset($_GET['page']) ? $_GET['page'] : 0;
-	[$paging_controls, $rows_per_page] = paging($num_rows, $param, $rows_per_page);
-	[$paging_controls_mini, $rows_per_page] = paging($num_rows, $param, $rows_per_page, true);
+	[$paging_controls, $rows_per_page] = paging($num_rows, $query_string, $rows_per_page);
+	[$paging_controls_mini, $rows_per_page] = paging($num_rows, $query_string, $rows_per_page, true);
 	$offset = $rows_per_page * $page;
 
 //get the file size
@@ -371,7 +382,7 @@
 		$sql .= "	or lower(recording_filename) like :search ";
 		$sql .= "	or lower(recording_description) like :search ";
 		$sql .= ") ";
-		$parameters['search'] = '%'.strtolower($search).'%';
+		$parameters['search'] = '%'.lower_case($search).'%';
 	}
 	$sql .= order_by($order_by, $order, 'recording_name', 'asc');
 	$sql .= limit_offset($rows_per_page, $offset);
@@ -431,7 +442,7 @@
 	echo "	<div class='heading'><b>".$text['title-recordings']."</b><div class='count'>".number_format($num_rows)."</div></div>\n";
 	echo "	<div class='actions'>\n";
 	if (permission_exists('recording_add') && $speech_enabled == 'true') {
-		echo button::create(['type'=>'button','label'=>$text['button-add'],'icon'=>$theme_button_icon_add,'id'=>'btn_add','link'=>'recording_edit.php']);
+		echo button::create(['type'=>'button','label'=>$text['button-add'],'icon'=>$theme_button_icon_add,'id'=>'btn_add','link'=>'recording_edit.php'.($query_string ? '?'.$query_string : '')]);
 	}
 	if (permission_exists('recording_upload')) {
 		echo 	"<form id='form_upload' class='inline' method='post' enctype='multipart/form-data'>\n";
@@ -451,20 +462,20 @@
 	if (permission_exists('recording_delete') && $recordings) {
 		echo button::create(['type'=>'button','label'=>$text['button-delete'],'icon'=>$theme_button_icon_delete,'id'=>'btn_delete','name'=>'btn_delete','style'=>'display: none;','onclick'=>"modal_open('modal-delete','btn_delete');"]);
 	}
-	echo 		"<form id='form_search' class='inline' method='get'>\n";
-	if (permission_exists('recording_all')) {
-		if ($show == 'all') {
-			echo "		<input type='hidden' name='show' value='all'>";
-		}
-		else {
-			echo button::create(['type'=>'button','label'=>$text['button-show_all'],'icon'=>$theme_button_icon_all,'link'=>'?type=&show=all'.($search != '' ? "&search=".urlencode($search) : null)]);
+	echo "		<form id='form_search' class='inline' method='get'>\n";
+	foreach ($param as $key => $value) {
+		if ($key !== 'search' && $key !== 'page') {
+			echo "		<input type='hidden' name='".escape($key)."' value='".escape($value)."'>\n";
 		}
 	}
-	echo 		"<input type='text' class='txt list-search' name='search' id='search' value=\"".escape($search)."\" placeholder=\"".$text['label-search']."\" onkeydown=''>";
+	if ($show !== 'all' && permission_exists('recording_all')) {
+		echo button::create(['type'=>'button','label'=>$text['button-show_all'],'icon'=>$theme_button_icon_all,'link'=>'?show=all']);
+	}
+	echo "		<input type='text' class='txt list-search' name='search' id='search' value=\"".escape($search)."\" placeholder=\"".$text['label-search']."\" onkeydown=''>";
 	echo button::create(['label'=>$text['button-search'],'icon'=>$theme_button_icon_search,'type'=>'submit','id'=>'btn_search']);
 	//echo button::create(['label'=>$text['button-reset'],'icon'=>$theme_button_icon_reset,'type'=>'button','id'=>'btn_reset','link'=>'recordings.php','style'=>($search == '' ? 'display: none;' : null)]);
 	if ($paging_controls_mini != '') {
-		echo 	"<span style='margin-left: 15px;'>".$paging_controls_mini."</span>";
+		echo "	<span style='margin-left: 15px;'>".$paging_controls_mini."</span>";
 	}
 	echo "		</form>\n";
 	echo "	</div>\n";
@@ -485,7 +496,6 @@
 
 	echo "<form id='form_list' method='post'>\n";
 	echo "<input type='hidden' id='action' name='action' value=''>\n";
-	echo "<input type='hidden' name='search' value=\"".escape($search)."\">\n";
 
 	echo "<div class='card'>\n";
 	echo "<table class='list'>\n";
@@ -498,12 +508,12 @@
 		$col_count++;
 	}
 	if ($show == "all" && permission_exists('recording_all')) {
-		echo th_order_by('domain_name', $text['label-domain'], $order_by, $order, $param, "class='shrink'");
+		echo th_order_by('domain_name', $text['label-domain'], $order_by, $order, null, "class='shrink'", $query_string);
 	}
-	echo th_order_by('recording_name', $text['label-recording_name'], $order_by, $order);
+	echo th_order_by('recording_name', $text['label-recording_name'], $order_by, $order, null, null, $query_string);
 	$col_count++;
 	if ($recording_storage_type != 'base64') {
-		echo th_order_by('recording_filename', $text['label-file_name'], $order_by, $order, null, "class='hide-md-dn'");
+		echo th_order_by('recording_filename', $text['label-file_name'], $order_by, $order, null, "class='hide-md-dn'", $query_string);
 		$col_count++;
 	}
 	if (permission_exists('recording_play') || permission_exists('recording_download')) {
@@ -516,7 +526,7 @@
 	echo "<th class='center hide-md-dn'>".$text['label-date']."</th>\n";
 	$col_count++;
 
-	echo th_order_by('recording_description', $text['label-description'], $order_by, $order, null, "class='hide-sm-dn pct-25'");
+	echo th_order_by('recording_description', $text['label-description'], $order_by, $order, null, "class='hide-sm-dn pct-25'", $query_string);
 	$col_count++;
 	if (permission_exists('recording_edit') && $theme_list_row_edit_button == true) {
 		echo "	<td class='action-button'>&nbsp;</td>\n";
@@ -533,7 +543,7 @@
 			}
 			$list_row_url = '';
 			if (permission_exists('recording_edit')) {
-				$list_row_url = "recording_edit.php?id=".urlencode($row['recording_uuid']);
+				$list_row_url = "recording_edit.php?id=".urlencode($row['recording_uuid']).($query_string ? '&'.$query_string : '');
 				if ($row['domain_uuid'] != $_SESSION['domain_uuid'] && permission_exists('domain_select')) {
 					$list_row_url .= '&domain_uuid='.urlencode($row['domain_uuid']).'&domain_change=true';
 				}