diff --git a/squid/edit_authparam.cgi b/squid/edit_authparam.cgi
index f01a94a3e..cdb3075a3 100755
--- a/squid/edit_authparam.cgi
+++ b/squid/edit_authparam.cgi
@@ -2,199 +2,136 @@
 # edit_authparam.cgi
 # A form for editing authentication programs
 
+use strict;
+use warnings;
+our (%text, %in, %access, $squid_version, %config, $auth_program);
 require './squid-lib.pl';
 $access{'authparam'} || &error($text{'authparam_ecannot'});
 &ui_print_header(undef, $text{'authparam_title'}, "", "edit_authparam", 0, 0, 0,
 	&restart_button());
-$conf = &get_config();
+my $conf = &get_config();
 
-print "<form action=save_authparam.cgi>\n";
-print "<table border width=100%>\n";
-print "<tr $tb> <td><b>$text{'authparam_header'}</b></td> </tr>\n";
-print "<tr $cb> <td><table width=100%>\n";
+print &ui_form_start("save_authparam.cgi", "post");
+print &ui_table_start($text{'authparam_header'}, "width=100%", 2);
 
 if ($squid_version >= 2.5) {
 	# Squid versions 2.5 and above use different config options for
 	# the external authentication program
-	local @auth = &find_config("auth_param", $conf);
+	my @auth = &find_config("auth_param", $conf);
 
 	# Show basic authentication options
-	local %basic = map { $_->{'values'}->[1], $_->{'values'} }
+	my %basic = map { $_->{'values'}->[1], $_->{'values'} }
 			grep { $_->{'values'}->[0] eq 'basic' } @auth;
-	print "<tr> <td valign=top><b>$text{'authparam_bprogram'}</b></td>\n";
-	print "<td nowrap>\n";
-	local @p = @{$basic{'program'}};
-	local $m = !@p ? 0 :
-		   $p[2] =~ /^(\S+)/ && $1 eq $auth_program ? 2 : 1;
-	printf "<input type=radio name=b_auth_mode value=0 %s> %s\n",
-		$m == 0 ? "checked" : "", $text{'none'};
-	printf "<input type=radio name=b_auth_mode value=2 %s> %s\n",
-		$m == 2 ? "checked" : "", $text{'eprogs_capweb'};
-	printf "<input type=radio name=b_auth_mode value=1 %s>\n",
-		$m == 1 ? "checked" : "";
-	printf "<input name=b_auth size=40 value='%s'> %s</td>\n",
-		$m == 1 ? join(" ", @p[2..$#p]) : "",
-		&file_chooser_button("b_auth");
-	print "</tr>\n";
+	my @p = @{$basic{'program'} || []};
+	my $m = !@p ? 0 : $p[2] =~ /^(\S+)/ && $1 eq $auth_program ? 2 : 1;
+	print &ui_table_row($text{'authparam_bprogram'},
+		&ui_radio("b_auth_mode", $m,
+			  [ [ 0, $text{'none'} ],
+			    [ 2, $text{'eprogs_capweb'} ],
+			    [ 1, &ui_filebox("b_auth",
+				$m == 1 ? join(" ", @p[2..$#p]) : "", 40) ] ]));
 
-	local $c = $basic{'children'}->[2];
-	print "<tr> <td><b>$text{'eprogs_noap'}</b></td> <td nowrap>\n";
-	printf "<input type=radio name=b_children_def value=1 %s> %s\n",
-		$c eq "" ? "checked" : "", $text{'default'};
-	printf "<input type=radio name=b_children_def value=0 %s>\n",
-		$c eq "" ? "" : "checked";
-	printf "<input name=b_children size=5 value='%s'></td> </tr>\n", $c;
+	my $c = $basic{'children'}->[2];
+	print &ui_table_row($text{'eprogs_noap'},
+		&ui_opt_textbox("b_children", $c, 5, $text{'default'}));
 
-	local @t = @{$basic{'credentialsttl'}};
-	print "<tr> <td><b>$text{'eprogs_ttl'}</b></td>\n";
-	printf "<td nowrap><input type=radio name=b_ttl_def value=1 %s> %s\n",
-		!@t ? "checked" : "", $text{'default'};
-	printf "<input type=radio name=b_ttl_def value=0 %s>\n",
-		!@t ? "" : "checked";
-	print &time_fields("b_ttl", 6, $t[2], $t[3]),"</td>\n";
+	my @t = @{$basic{'credentialsttl'} || []};
+	print &ui_table_row($text{'eprogs_ttl'},
+		&ui_radio("b_ttl_def", @t ? 0 : 1,
+			  [ [ 1, $text{'default'} ],
+			    [ 0, &time_fields("b_ttl", 6, $t[2], $t[3]) ] ]));
 
-	local @r = @{$basic{'realm'}};
-	local $r = join(" ", @r[2..$#r]);
-	print "<tr> <td><b>$text{'eprogs_realm'}</b></td> <td>\n";
-	printf "<input type=radio name=b_realm_def value=1 %s> %s\n",
-		$r eq "" ? "checked" : "", $text{'default'};
-	printf "<input type=radio name=b_realm_def value=0 %s>\n",
-		$r eq "" ? "" : "checked";
-	printf "<input name=b_realm size=40 value='%s'></td> </tr>\n", $r;
+	my @r = @{$basic{'realm'} || []};
+	my $r = join(" ", @r[2..$#r]);
+	print &ui_table_row($text{'eprogs_realm'},
+		&ui_opt_textbox("b_realm", $r, 40, $text{'default'}));
 
 	# Show digest authentication options
-	print "<tr> <td colspan=2><hr></td> </tr>\n";
-	local %digest = map { $_->{'values'}->[1], $_->{'values'} }
+	print &ui_table_hr();
+	my %digest = map { $_->{'values'}->[1], $_->{'values'} }
 			grep { $_->{'values'}->[0] eq 'digest' } @auth;
-	print "<tr> <td valign=top><b>$text{'authparam_dprogram'}</b></td>\n";
-	print "<td nowrap>\n";
-	local @p = @{$digest{'program'}};
-	local $m = @p ? 1 : 0;
-	printf "<input type=radio name=d_auth_mode value=0 %s> %s\n",
-		$m == 0 ? "checked" : "", $text{'none'};
-	printf "<input type=radio name=d_auth_mode value=1 %s>\n",
-		$m == 1 ? "checked" : "";
-	printf "<input name=d_auth size=40 value='%s'> %s</td>\n",
-		$m == 1 ? join(" ", @p[2..$#p]) : "",
-		&file_chooser_button("d_auth");
-	print "</tr>\n";
+	my @p = @{$digest{'program'} || []};
+	my $m = @p ? 1 : 0;
+	print &ui_table_row($text{'authparam_dprogram'},
+		&ui_radio("d_auth_mode", $m,
+			  [ [ 0, $text{'none'} ],
+			    [ 1, &ui_filebox("d_auth",
+				$m == 1 ? join(" ", @p[2..$#p]) : "", 40) ] ]));
 
-	local $c = $digest{'children'}->[2];
-	print "<tr> <td><b>$text{'eprogs_noap'}</b></td> <td nowrap>\n";
-	printf "<input type=radio name=d_children_def value=1 %s> %s\n",
-		$c eq "" ? "checked" : "", $text{'default'};
-	printf "<input type=radio name=d_children_def value=0 %s>\n",
-		$c eq "" ? "" : "checked";
-	printf "<input name=d_children size=5 value='%s'></td>\n", $c;
+	my $c = $digest{'children'}->[2];
+	print &ui_table_row($text{'eprogs_noap'},
+		&ui_opt_textbox("d_children", $c, 5, $text{'default'}));
 
-	local @r = @{$digest{'realm'}};
-	local $r = join(" ", @r[2..$#r]);
-	print "<tr> <td><b>$text{'eprogs_realm'}</b></td> <td>\n";
-	printf "<input type=radio name=d_realm_def value=1 %s> %s\n",
-		$r eq "" ? "checked" : "", $text{'default'};
-	printf "<input type=radio name=d_realm_def value=0 %s>\n",
-		$r eq "" ? "" : "checked";
-	printf "<input name=d_realm size=40 value='%s'></td> </tr>\n", $r;
+	my @r = @{$digest{'realm'} || []};
+	my $r = join(" ", @r[2..$#r]);
+	print &ui_table_row($text{'eprogs_realm'},
+		&ui_opt_textbox("d_realm", $r, 40, $text{'default'}));
+
+	print &ui_table_hr();
 
 	# Show NTML authentication options
-	print "<tr> <td colspan=2><hr></td> </tr>\n";
-	local %ntlm = map { $_->{'values'}->[1], $_->{'values'} }
+	my %ntlm = map { $_->{'values'}->[1], $_->{'values'} }
 			grep { $_->{'values'}->[0] eq 'ntlm' } @auth;
-	print "<tr> <td valign=top><b>$text{'authparam_nprogram'}</b></td>\n";
-	print "<td nowrap>\n";
-	local @p = @{$ntlm{'program'}};
-	local $m = @p ? 1 : 0;
-	printf "<input type=radio name=n_auth_mode value=0 %s> %s\n",
-		$m == 0 ? "checked" : "", $text{'none'};
-	printf "<input type=radio name=n_auth_mode value=1 %s>\n",
-		$m == 1 ? "checked" : "";
-	printf "<input name=n_auth size=40 value='%s'> %s</td>\n",
-		$m == 1 ? join(" ", @p[2..$#p]) : "",
-		&file_chooser_button("n_auth");
-	print "</tr>\n";
+	my @p = @{$ntlm{'program'} || []};
+	my $m = @p ? 1 : 0;
+	print &ui_table_row($text{'authparam_nprogram'},
+		&ui_radio("n_auth_mode", $m,
+			  [ [ 0, $text{'none'} ],
+			    [ 1, &ui_filebox("n_auth",
+				$m == 1 ? join(" ", @p[2..$#p]) : "", 40) ] ]));
 
-	local $c = $ntlm{'children'}->[2];
-	print "<tr> <td><b>$text{'eprogs_noap'}</b></td> <td nowrap>\n";
-	printf "<input type=radio name=n_children_def value=1 %s> %s\n",
-		$c eq "" ? "checked" : "", $text{'default'};
-	printf "<input type=radio name=n_children_def value=0 %s>\n",
-		$c eq "" ? "" : "checked";
-	printf "<input name=n_children size=5 value='%s'></td> </tr>\n", $c;
+	my $c = $ntlm{'children'}->[2];
+	print &ui_table_row($text{'eprogs_noap'},
+		&ui_opt_textbox("n_children", $c, 5, $text{'default'}));
 
-	local $r = $ntlm{'max_challenge_reuses'}->[2];
-	print "<tr> <td><b>$text{'authparam_reuses'}</b></td> <td nowrap>\n";
-	printf "<input type=radio name=n_reuses_def value=1 %s> %s\n",
-		$r eq "" ? "checked" : "", $text{'default'};
-	printf "<input type=radio name=n_reuses_def value=0 %s>\n",
-		$r eq "" ? "" : "checked";
-	printf "<input name=n_reuses size=5 value='%s'></td> </tr>\n", $r;
+	my $r = $ntlm{'max_challenge_reuses'}->[2];
+	print &ui_table_row($text{'authparam_reuses'},
+		&ui_opt_textbox("n_reuses", $r, 5, $text{'default'}));
 
-	local @t = @{$ntlm{'max_challenge_lifetime'}};
-	print "<tr> <td><b>$text{'authparam_lifetime'}</b></td>\n";
-	printf "<td nowrap><input type=radio name=n_ttl_def value=1 %s> %s\n",
-		!@t ? "checked" : "", $text{'default'};
-	printf "<input type=radio name=n_ttl_def value=0 %s>\n",
-		!@t ? "" : "checked";
-	print &time_fields("n_ttl", 6, $t[2], $t[3]),"</td> </tr>\n";
+	my @t = @{$ntlm{'max_challenge_lifetime'} || []};
+	print &ui_table_row($text{'authparam_lifetime'},
+		&ui_radio("n_ttl_def", @t ? 0 : 1,
+			  [ [ 1, $text{'default'} ],
+			    [ 0, &time_fields("n_ttl", 6, $t[2], $t[3]) ] ]));
 	}
 elsif ($squid_version >= 2) {
 	# Squid versions 2 and above use a single external
 	# authentication program
-	print "<tr>\n";
-	local $v = &find_config("authenticate_program", $conf);
-	print "<td valign=top><b>$text{'eprogs_cap'}</b></td>\n";
-	print "<td nowrap>\n";
-	local $m = !$v ? 0 :
-		   $v->{'value'} =~ /^(\S+)/ && $1 eq $auth_program ? 2 : 1;
-	printf "<input type=radio name=auth_mode value=0 %s> %s\n",
-		$m == 0 ? "checked" : "", $text{'none'};
-	printf "<input type=radio name=auth_mode value=2 %s> %s\n",
-		$m == 2 ? "checked" : "", $text{'eprogs_capweb'};
-	printf "<input type=radio name=auth_mode value=1 %s>\n",
-		$m == 1 ? "checked" : "";
-	printf "<input name=auth size=40 value='%s'> %s</td>\n",
-		$m == 1 ? $v->{'value'} : "", &file_chooser_button("auth");
-	print "</tr>\n";
+	my $v = &find_config("authenticate_program", $conf);
+	my $m = !$v ? 0 :
+		$v->{'value'} =~ /^(\S+)/ && $1 eq $auth_program ? 2 : 1;
+	print &ui_table_row($text{'eprogs_cap'},
+		&ui_radio("auth_mode", $m,
+			[ [ 0, $text{'none'} ],
+			  [ 2, $text{'eprogs_capweb'} ],
+			  [ 1, &ui_filebox("auth",
+				$m == 1 ? $v->{'value'} : "", 40) ] ]));
 
-        print "<tr>\n";
         print &opt_input($text{'eadm_par'}, "proxy_auth_realm",
                          $conf, $text{'eadm_default'}, 40); 
-        print "</tr>\n";      
 
-	print "<tr>\n";
 	print &opt_input($text{'eprogs_noap'},
 			 "authenticate_children", $conf, $text{'default'}, 6);
-	print "</tr>\n";
 
 	if ($squid_version >= 2.4) {
-		print "<tr>\n";
 		print &opt_time_input($text{'authparam_ttl'},
 		    "authenticate_ttl", $conf, $text{'default'}, 6);
-		print "</tr>\n";
-		print "<tr>\n";
 		print &opt_time_input($text{'authparam_ipttl'},
 		    "authenticate_ip_ttl", $conf, $text{'authparam_never'}, 6);
-		print "</tr>\n";
 		}
 	}
-print "<tr> <td colspan=2><hr></td> </tr>\n";
-print "<tr> <td colspan=2>".$text{'authparam_mui_msg'}."</td> </tr>\n";
-	print "<tr> <td colspan=2><hr></td> </tr>\n";
-# my stuff
-	local $taa = &find_value("authenticate_ip_ttl", $conf);
-	if($taa ne ""){
-		(@ta[0],@ta[1])=split(/\s+/,$taa);
-	}
-	print "<tr> <td><b>$text{'eprogs_aittl'}</b></td>\n";
-	printf "<td nowrap><input type=radio name=b_aittl_def value=1 %s> %s\n",
-		!@ta ? "checked" : "", $text{'default'};
-	printf "<input type=radio name=b_aittl_def value=0 %s>\n",
-		!@ta ? "" : "checked";
-	print &time_fields("b_aittl", 6, $ta[0], $ta[1]),"</td></tr>\n";
-	print "<tr> <td colspan=2><hr></td> </tr>\n";
-# end my stuff
-print "</table></td></tr></table>\n";
-print "<input type=submit value='$text{'buttsave'}'></form>\n";
+
+print &ui_table_hr();
+
+my $taa = &find_value("authenticate_ip_ttl", $conf);
+my @ta = split(/\s+/,$taa);
+print &ui_table_row($text{'eprogs_aittl'},
+	&ui_radio("b_aittl_def", @ta ? 0 : 1,
+		  [ [ 1, $text{'default'} ],
+		    [ 0, &time_fields("b_aittl", 6, $ta[0], $ta[1]) ] ]));
+
+print &ui_table_end();
+print &ui_form_end([ [ undef, $text{'buttsave'} ] ]);
 
 &ui_print_footer("", $text{'eprogs_return'});
 
diff --git a/squid/lang/en b/squid/lang/en
index 7087fe45f..5776e451c 100644
--- a/squid/lang/en
+++ b/squid/lang/en
@@ -642,6 +642,7 @@ sprog_emsg6='$1' is not a valid column width
 sprog_emsg7=No DNS servers entered
 sprog_emsg8='$1' is not a valid IP address
 sprog_emsg9='$1' is not a valid cache time
+sprog_emsg10='$1' is not a valid TTL
 
 suser_ftsu=Failed to save user
 suser_emsg1=Invalid or missing username
diff --git a/squid/save_authparam.cgi b/squid/save_authparam.cgi
index a30314834..49408a53a 100755
--- a/squid/save_authparam.cgi
+++ b/squid/save_authparam.cgi
@@ -2,22 +2,27 @@
 # save_authparam.cgi
 # Save authentication program options
 
+use strict;
+use warnings;
+our (%text, %in, %access, $squid_version, %config, $auth_program,
+     $auth_database, $module_root_directory, $module_config_directory);
 require './squid-lib.pl';
 $access{'authparam'} || &error($text{'authparam_ecannot'});
 &ReadParse();
 &lock_file($config{'squid_conf'});
-$conf = &get_config();
+my $conf = &get_config();
 &error_setup($text{'authparam_err'});
 
 if ($squid_version >= 2.5) {
-	local @auth = &find_config("auth_param", $conf);
+	my @auth = &find_config("auth_param", $conf);
 
 	# Save basic authentication options
 	if ($in{'b_auth_mode'} == 0) {
 		&save_auth(\@auth, "basic", "program");
 		}
 	elsif ($in{'b_auth_mode'} == 2) {
-		&system_logged("cp $module_root_directory/squid-auth.pl $module_config_directory");
+		&copy_source_dest("$module_root_directory/squid-auth.pl",
+				  "$module_config_directory/squid-auth.pl");
 		&save_auth(\@auth, "basic", "program", "$auth_program $auth_database");
 		&system_logged("chmod a+rx $auth_program $auth_database");
 		}
@@ -38,7 +43,7 @@ if ($squid_version >= 2.5) {
 		}
 	else {
 		$in{'b_ttl'} =~ /^\d+$/ ||
-			&error(&text('sprog_emsg6', $in{'b_ttl'}));
+			&error(&text('sprog_emsg10', $in{'b_ttl'}));
 		&save_auth(\@auth, "basic", "credentialsttl",
 				 $in{'b_ttl'}." ".$in{'b_ttl_u'});
 		}
@@ -49,14 +54,17 @@ if ($squid_version >= 2.5) {
 		&save_auth(\@auth, "basic", "realm", $in{'b_realm'});
 		}
 	if ($in{'b_aittl_def'}) {
-			&save_directive($conf, "authenticate_ip_ttl",[ ]);
-	}else{
-		$in{'b_aittl'} =~ /^\d+$/ ||&error(&text('sprog_emsg6', $in{'b_aittl'}));
-		@baittl[0]= $in{'b_aittl'}." ".$in{'b_aittl_u'};
-			&save_directive($conf, "authenticate_ip_ttl",
-				[ { 'name' => 'authenticate_ip_ttl',
-			    	'values' => \@baittl }]);
-	}
+		&save_directive($conf, "authenticate_ip_ttl",[ ]);
+		}
+	else {
+		$in{'b_aittl'} =~ /^\d+$/ ||
+			&error(&text('sprog_emsg10', $in{'b_aittl'}));
+		my @baittl= ( $in{'b_aittl'}." ".$in{'b_aittl_u'} );
+		&save_directive($conf, "authenticate_ip_ttl",
+			[ { 'name' => 'authenticate_ip_ttl',
+			'values' => \@baittl }]);
+		}
+
 	# Save digest authentication options
 	if ($in{'d_auth_mode'} == 0) {
 		&save_auth(\@auth, "digest", "program");
@@ -122,7 +130,8 @@ elsif ($squid_version >= 2) {
 		&save_directive($conf, "authenticate_program", [ ]);
 		}
 	elsif ($in{'auth_mode'} == 2) {
-		&system_logged("cp $module_root_directory/squid-auth.pl $module_config_directory");
+		&copy_source_dest("$module_root_directory/squid-auth.pl",
+				  "$module_config_directory/squid-auth.pl");
 		&save_directive($conf, "authenticate_program",
 			[ { 'name' => 'authenticate_program',
 			    'values' => [ "$auth_program $auth_database" ] } ]);
@@ -163,8 +172,8 @@ return $_[0] =~ /^\d+$/ ? undef : &text('sprog_emsg5',$_[0]);
 # save_auth(&auth, type, name, [value])
 sub save_auth
 {
-local ($old) = grep { $_->{'values'}->[0] eq $_[1] &&
-		      $_->{'values'}->[1] eq $_[2] } @{$_[0]};
+my ($old) = grep { $_->{'values'}->[0] eq $_[1] &&
+		   $_->{'values'}->[1] eq $_[2] } @{$_[0]};
 if ($old && @_ > 3) {
 	# Replace value
 	$old->{'values'} = [ $_[1], $_[2], $_[3] ];