diff --git a/main/mySpace/session_filter.php b/main/mySpace/session_filter.php
index 534c084c2f..244588e3bd 100644
--- a/main/mySpace/session_filter.php
+++ b/main/mySpace/session_filter.php
@@ -142,7 +142,7 @@ if (isset($_POST['formSent'])) {
 break;
 case ExtraField::FIELD_TYPE_RADIO:
 $valueRadio = $_POST['extra_'.$field['variable']]['extra_'.$field['variable']];
- if ($extraFieldValueData['value'] != $resultRadio) {
+ if ($extraFieldValueData['value'] != $valueRadio) {
 unset($certificateList[$key]);
 }
 break;
@@ -155,7 +155,17 @@ if (isset($_POST['formSent'])) {
 }
 }
 }
- $urlParam = http_build_query($_POST);
+
+ $params = [
+ 'session_id' => (int) $_POST['session_id'],
+ 'date_begin' => Security::remove_XSS($_POST['date_begin']),
+ 'date_end' => Security::remove_XSS($_POST['date_end']),
+ ];
+
+ foreach ($filterCheckList as $field) {
+ $params['extra_'.$field['variable']] = Security::remove_XSS($_POST['extra_'.$field['variable']]);
+ }
+ $urlParam = http_build_query($params);
 }
 
 $htmlHeadXtra[] = "
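Review bot: In the first hunk (the FIELD_TYPE_RADIO case) the corrected test still uses loose `!=` against a value taken straight from `$_POST`, so numeric-looking strings such as `'1e1'` and `'10'` compare as equal and the filter can keep a row it should drop. A strict comparison on strings is more predictable: `if ((string) $extraFieldValueData['value'] !== (string) $valueRadio) {`. The context line above also indexes a nested `$_POST` key without checking that it exists or is scalar, which is worth guarding before the cast. The surrounding switch starts and ends outside the hunk.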
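Review bot: In the second hunk, `date_begin` and `date_end` are passed through `Security::remove_XSS()`, which is an HTML filter rather than a check that the value is a date, and `session_id`, `date_begin` and `date_end` are indexed without confirming they were posted. Because `http_build_query()` already percent-encodes every value, the stronger control is to validate each date against the format the form submits and fall back to an empty string; as a minimum, `'date_begin' => isset($_POST['date_begin']) ? Security::remove_XSS($_POST['date_begin']) : '',` and the same for `date_end`. The `extra_` fields can arrive as arrays (the radio case in the first hunk reads a nested key), so it is worth confirming that `remove_XSS()` treats array input as intended here. How `$urlParam` is emitted is outside the hunk, and escaping for that output context still has to happen at that point. The enclosing `if (isset($_POST['formSent']))` block starts outside the hunk.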