diff --git a/app/dialplans/dialplan_add.php b/app/dialplans/dialplan_add.php
index 08431a01bd..f5ca554160 100644
--- a/app/dialplans/dialplan_add.php
+++ b/app/dialplans/dialplan_add.php
@@ -17,7 +17,7 @@
 
 	The Initial Developer of the Original Code is
 	Mark J Crane <markjcrane@fusionpbx.com>
-	Portions created by the Initial Developer are Copyright (C) 2008-2018
+	Portions created by the Initial Developer are Copyright (C) 2008-2019
 	the Initial Developer. All Rights Reserved.
 
 	Contributor(s):
@@ -28,6 +28,7 @@
 	include "root.php";
 	require_once "resources/require.php";
 	require_once "resources/check_auth.php";
+	require_once "resources/paging.php";
 
 //check permissions
 	if (permission_exists('dialplan_add')) {
@@ -42,11 +43,6 @@
 	$language = new text;
 	$text = $language->get();
 
-//additional includes
-	require_once "resources/header.php";
-	$document['title'] = $text['title-dialplan_add'];
-	require_once "resources/paging.php";
-
 //set the variables
 	if (count($_POST) > 0) {
 		$dialplan_name = $_POST["dialplan_name"];
@@ -85,6 +81,15 @@
 
 //add or update data from http post
 	if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) {
+
+		//validate the token
+			$token = new token;
+			if (!$token->validate($_SERVER['PHP_SELF'])) {
+				message::add($text['message-invalid_token'],'negative');
+				header('Location: dialplans.php');
+				exit;
+			}
+
 		//check for all required data
 			if (strlen($domain_uuid) == 0) { $msg .= $text['message-required']."domain_uuid<br>\n"; }
 			if (strlen($dialplan_name) == 0) { $msg .= $text['message-required'].$text['label-name']."<br>\n"; }
@@ -219,37 +224,39 @@
 	}
 	-->
 	</script>
+	<?php
+
+//create token
+	$object = new token;
+	$token = $object->create($_SERVER['PHP_SELF']);
+
+//include the header
+	$document['title'] = $text['title-dialplan_add'];
+	require_once "resources/header.php";
 
-<?php
 //show the content
-	echo "<form method='post' name='frm' action=''>\n";
-	echo " 	<table width=\"100%\" border=\"0\" cellpadding=\"0\" cellspacing=\"0\">\n";
-	echo "	<tr>\n";
-	echo "		<td align='left'>\n";
-	echo "			<span class=\"title\">".$text['header-dialplan-add']."</span>\n";
-	echo "		</td>\n";
-	echo "		<td align='right'>\n";
-	echo "			<input type='button' class='btn' name='' alt='".$text['button-advanced']."' onclick=\"window.location='dialplan_edit.php'\" value='".$text['button-advanced']."'>\n";
-	echo "			<input type='button' class='btn' name='' alt='".$text['button-back']."' onclick=\"window.location='dialplans.php'\" value='".$text['button-back']."'>\n";
-	echo "			<input type='submit' name='submit' class='btn' value='".$text['button-save']."'>\n";
-	echo "		</td>\n";
-	echo "	</tr>\n";
-	
-	echo "	<tr>\n";
-	echo "		<td align='left' colspan='2'>\n";
-	echo "			<br><span class=\"vexpl\">".$text['description-dialplan_manager-superadmin']."</span>\n";
-	echo "		</td>\n";
-	echo "	</tr>\n";
-	echo "	</table>";
-	echo "<br />\n";
-	
+	echo "<form method='post' name='frm'>\n";
+
+	echo "<div class='action_bar' id='action_bar'>\n";
+	echo "	<div class='heading'><b>".$text['header-dialplan-add']."</b></div>\n";
+	echo "	<div class='actions'>\n";
+	echo button::create(['type'=>'button','label'=>$text['button-back'],'icon'=>$_SESSION['theme']['button_icon_back'],'link'=>'dialplans.php']);
+	echo button::create(['type'=>'button','label'=>$text['button-advanced'],'icon'=>'tools','style'=>'margin-left: 15px;','link'=>'dialplan_edit.php']);
+	echo button::create(['type'=>'submit','label'=>$text['button-save'],'icon'=>$_SESSION['theme']['button_icon_save'],'style'=>'margin-left: 15px;']);
+	echo "	</div>\n";
+	echo "	<div style='clear: both;'></div>\n";
+	echo "</div>\n";
+
+	echo $text['description-dialplan_manager-superadmin']."\n";
+	echo "<br /><br />\n";
+
 	echo "<table width='100%' border='0' cellpadding='0' cellspacing='0'>\n";
 	
 	echo "<tr>\n";
-	echo "<td class='vncellreq' valign='top' align='left' nowrap>\n";
+	echo "<td width='30%' class='vncellreq' valign='top' align='left' nowrap>\n";
 	echo "	".$text['label-name']."\n";
 	echo "</td>\n";
-	echo "<td class='vtable' align='left'>\n";
+	echo "<td width='70%' class='vtable' align='left'>\n";
 	echo "	<input class='formfld' type='text' name='dialplan_name' maxlength='255' value=\"".escape($dialplan_name)."\">\n";
 	echo "<br />\n";
 	echo "\n";
@@ -541,22 +548,18 @@
 	echo "		<br />\n";
 	echo "	</td>\n";
 	echo "</tr>\n";
-	
-	echo "<tr>\n";
-	echo "	<td colspan='5' align='right'>\n";
-	if ($action == "update") {
-		echo "	<input type='hidden' name='dialplan_uuid' value='".escape($dialplan_uuid)."'>\n";
-	}
-	echo "		<br>";
-	echo "		<input type='submit' name='submit' class='btn' value='".$text['button-save']."'>\n";
-	echo "	</td>\n";
-	echo "</tr>";
-	
+
 	echo "</table>";
 	echo "<br><br>";
+
+	if ($action == "update") {
+		echo "<input type='hidden' name='dialplan_uuid' value='".escape($dialplan_uuid)."'>\n";
+	}
+	echo "<input type='hidden' name='".$token['name']."' value='".$token['hash']."'>\n";
+
 	echo "</form>";
 
 //include the footer
 	require_once "resources/footer.php";
 
-?>
+?>
\ No newline at end of file
diff --git a/app/dialplans/dialplan_edit.php b/app/dialplans/dialplan_edit.php
index 8d74e06f65..74a00e98e4 100644
--- a/app/dialplans/dialplan_edit.php
+++ b/app/dialplans/dialplan_edit.php
@@ -26,7 +26,7 @@
 */
 
 //includes
-	include "root.php";
+	require_once "root.php";
 	require_once "resources/require.php";
 	require_once "resources/check_auth.php";
 	require_once "resources/paging.php";
@@ -258,7 +258,6 @@
 		$dialplan_destination = 'false';
 	}
 
-
 //get the dialplan details in an array
 	$sql = "select * from v_dialplan_details ";
 	$sql .= "where dialplan_uuid = :dialplan_uuid ";
@@ -360,8 +359,8 @@
 	$token = $object->create($_SERVER['PHP_SELF']);
 
 //show the header
-	require_once "resources/header.php";
 	$document['title'] = $text['title-dialplan_edit'];
+	require_once "resources/header.php";
 
 //javascript to change select to input and back again
 	?><script language="javascript">
@@ -394,34 +393,28 @@
 			obj[0].parentNode.removeChild(obj[2]);
 		}
 	</script>
-<?php
+	<?php
 
 //show the content
 	echo "<form method='post' name='frm' action=''>\n";
-	echo "<input type='hidden' name='app_uuid' value='".escape($app_uuid)."'>\n";
 
-	echo "<table width='100%' border='0' cellpadding='0' cellspacing='1'>\n";
-	echo "	<tr>\n";
-	echo "		<td align='left' width='30%'>\n";
-	echo "			<span class='title'>".$text['title-dialplan_edit']."</span><br />\n";
-	echo "		</td>\n";
-	echo "		<td width='70%' align='right'>\n";
-	echo "			<input type='button' class='btn' name='' alt='".$text['button-back']."' onclick=\"window.location='dialplans.php".(is_uuid($app_uuid) ? "?app_uuid=".escape($app_uuid) : null)."';\" value='".$text['button-back']."'>\n";
-	if (permission_exists('dialplan_xml')) {
-		echo "			<input type='button' class='btn' name='' alt='".$text['button-xml']."' onclick=\"window.location='dialplan_xml.php?id=".escape($dialplan_uuid).(is_uuid($app_uuid) ? "&app_uuid=".escape($app_uuid) : null)."';\" value='".$text['button-xml']."'>\n";
+	echo "<div class='action_bar' id='action_bar'>\n";
+	echo "	<div class='heading'><b>".$text['title-dialplan_edit']."</b></div>\n";
+	echo "	<div class='actions'>\n";
+	echo button::create(['type'=>'button','label'=>$text['button-back'],'icon'=>$_SESSION['theme']['button_icon_back'],'link'=>'dialplans.php'.(is_uuid($app_uuid) ? "?app_uuid=".urlencode($app_uuid) : null)]);
+	if ($action == 'update') {
+		echo button::create(['type'=>'button','label'=>$text['button-copy'],'icon'=>$_SESSION['theme']['button_icon_copy'],'style'=>'margin-left: 15px;','link'=>'dialplan_copy.php?id='.urlencode($dialplan_uuid),'onclick'=>"if (!confirm('".$text['confirm-copy']."')) { this.blur(); return false; }"]);
+		if (permission_exists('dialplan_xml')) {
+			echo button::create(['type'=>'button','label'=>$text['button-xml'],'icon'=>'code','link'=>'dialplan_xml.php?id='.urlencode($dialplan_uuid).(is_uuid($app_uuid) ? "?app_uuid=".urlencode($app_uuid) : null)]);
+		}
 	}
-	echo "			<input type='button' class='btn' name='' alt='".$text['button-copy']."' onclick=\"if (confirm('".$text['confirm-copy']."')){ window.location='dialplan_copy.php?id=".escape($dialplan_uuid)."'; }\" value='".$text['button-copy']."'>\n";
-	echo "			<input type='submit' class='btn' value='".$text['button-save']."'>\n";
-	echo "		</td>\n";
-	echo "	</tr>\n";
-	echo "	<tr>\n";
-	echo "		<td align='left' colspan='2'>\n";
-	echo "			".$text['description-dialplan-edit']."\n";
-	echo "			\n";
-	echo "		</td>\n";
-	echo "	</tr>\n";
-	echo "</table>";
-	echo "<br />\n";
+	echo button::create(['type'=>'submit','label'=>$text['button-save'],'icon'=>$_SESSION['theme']['button_icon_save'],'style'=>'margin-left: 15px;']);
+	echo "	</div>\n";
+	echo "	<div style='clear: both;'></div>\n";
+	echo "</div>\n";
+
+	echo $text['description-dialplan-edit']."\n";
+	echo "<br /><br />\n";
 
 	echo "<table width='100%' border='0' cellpadding='0' cellspacing='0'>\n";
 	echo "<tr>\n";
@@ -885,18 +878,17 @@
 
 	} //end if update
 
-	echo "<br>\n";
-	echo "<div align='right'>\n";
+	echo "<br /><br />\n";
+
+	echo "<input type='hidden' name='app_uuid' value='".escape($app_uuid)."'>\n";
 	if ($action == "update") {
 		echo "	<input type='hidden' name='dialplan_uuid' value='".escape($dialplan_uuid)."'>\n";
 	}
 	echo "	<input type='hidden' name='".$token['name']."' value='".$token['hash']."'>\n";
-	echo "	<input type='submit' class='btn' value='".$text['button-save']."'>\n";
-	echo "</div>\n";
-	echo "<br><br>\n";
+
 	echo "</form>";
 
 //show the footer
 	require_once "resources/footer.php";
 
-?>
+?>
\ No newline at end of file
diff --git a/app/dialplans/dialplan_xml.php b/app/dialplans/dialplan_xml.php
index 82d0be72fb..e7dac74ba4 100644
--- a/app/dialplans/dialplan_xml.php
+++ b/app/dialplans/dialplan_xml.php
@@ -17,7 +17,7 @@
 
 	The Initial Developer of the Original Code is
 	Mark J Crane <markjcrane@fusionpbx.com>
-	Portions created by the Initial Developer are Copyright (C) 2008-2016
+	Portions created by the Initial Developer are Copyright (C) 2008-2019
 	the Initial Developer. All Rights Reserved.
 
 	Contributor(s):
@@ -26,7 +26,7 @@
 */
 
 //includes
-	include "root.php";
+	require_once "root.php";
 	require_once "resources/require.php";
 	require_once "resources/check_auth.php";
 
@@ -71,6 +71,14 @@
 //process the HTTP POST
 	if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) {
 		
+		//validate the token
+			$token = new token;
+			if (!$token->validate($_SERVER['PHP_SELF'])) {
+				message::add($text['message-invalid_token'],'negative');
+				header('Location: dialplans.php');
+				exit;
+			}
+
 		//build the dialplan array
 			$x = 0;
 			//$array['dialplans'][$x]["domain_uuid"] = $_SESSION['domain_uuid'];
@@ -108,9 +116,13 @@
 	$setting_indenting = $_SESSION["editor"]["indent_guides"]["boolean"] != '' ? $_SESSION["editor"]["indent_guides"]["boolean"] : 'false';
 	$setting_numbering = $_SESSION["editor"]["line_numbers"]["boolean"] != '' ? $_SESSION["editor"]["line_numbers"]["boolean"] : 'true';
 
+//create token
+	$object = new token;
+	$token = $object->create($_SERVER['PHP_SELF']);
+
 //show the header
-	require_once "resources/header.php";
 	$document['title'] = $text['title-dialplan_edit'].' XML';
+	require_once "resources/header.php";
 
 //scripts and styles
 	echo "<script language='JavaScript' type='text/javascript'>\n";
@@ -178,26 +190,20 @@
 
 //show the content
 	echo "<form method='post' name='frm' id='frm'>\n";
-	echo "	<input type='hidden' name='app_uuid' value='".escape($app_uuid)."'>\n";
-	echo "	<input type='hidden' name='dialplan_uuid' value='".escape($dialplan_uuid)."'>\n";
+
+	echo "<div class='action_bar' id='action_bar'>\n";
+	echo "	<div class='heading'><b>".$text['title-dialplan_edit']." XML</b></div>\n";
+	echo "	<div class='actions'>\n";
+	echo button::create(['type'=>'button','label'=>$text['button-back'],'icon'=>$_SESSION['theme']['button_icon_back'],'link'=>'dialplan_edit.php?id='.urlencode($dialplan_uuid).(is_uuid($app_uuid) ? "&app_uuid=".urlencode($app_uuid) : null)]);
+	echo button::create(['type'=>'button','label'=>$text['button-save'],'icon'=>$_SESSION['theme']['button_icon_save'],'style'=>'margin-left: 15px;','onclick'=>"set_value(); $('#frm').submit();"]);
+	echo "	</div>\n";
+	echo "	<div style='clear: both;'></div>\n";
+	echo "</div>\n";
+
+	echo $text['description-dialplan-edit']."\n";
+	echo "<br />\n";
+
 	echo "	<textarea name='dialplan_xml' id='dialplan_xml' style='display: none;'>".$dialplan_xml."</textarea>";
-	echo "	<table width='100%' border='0' cellpadding='0' cellspacing='1'>\n";
-	echo "		<tr>\n";
-	echo "			<td align='left' width='30%'>\n";
-	echo "				<span class='title'>".$text['title-dialplan_edit']." XML</span><br />\n";
-	echo "			</td>\n";
-	echo "			<td width='70%' align='right'>\n";
-	echo "				<input type='button' class='btn' name='' alt='".$text['button-back']."' onclick=\"window.location='dialplan_edit.php?id=".urlencode($dialplan_uuid).(is_uuid($app_uuid) ? "&app_uuid=".urlencode($app_uuid) : null)."';\" value='".$text['button-back']."'>\n";
-	echo "				<input type='button' class='btn' value='".$text['button-save']."' onclick=\"set_value(); $('#frm').submit();\">\n";
-	echo "			</td>\n";
-	echo "		</tr>\n";
-	echo "		<tr>\n";
-	echo "			<td align='left' colspan='2'>\n";
-	echo "				".$text['description-dialplan-edit']."\n";
-	echo "			</td>\n";
-	echo "		</tr>\n";
-	echo "	</table>";
-	//echo "	<br />\n";
 	echo "	<table cellpadding='0' cellspacing='0' border='0' style='width: 100%;'>\n";
 	echo "		<tr>\n";
 	echo "			<td valign='middle' style='padding: 0 6px;' width='100%'><span id='description'></span></td>\n";
@@ -208,7 +214,7 @@
 // 	echo "			<td valign='middle' style='padding-left: 6px;'><img src='resources/images/icon_replace.png' title='Show Find/Replace [Ctrl+H]' class='control' onclick=\"editor.execCommand('replace');\"></td>\n";
 	echo "			<td valign='middle' style='padding-left: 6px;'><img src='resources/images/icon_goto.png' title='Show Go To Line' class='control' onclick=\"editor.execCommand('gotoline');\"></td>\n";
 	echo "			<td valign='middle' style='padding-left: 4px;'>\n";
-	echo "				<select id='size' style='height: 23px;' onchange=\"document.getElementById('editor').style.fontSize = this.options[this.selectedIndex].value; focus_editor();\">\n";
+	echo "				<select id='size' class='formfld' onchange=\"document.getElementById('editor').style.fontSize = this.options[this.selectedIndex].value; focus_editor();\">\n";
 	$sizes = explode(',','9px,10px,11px,12px,14px,16px,18px,20px');
 	if (!in_array($setting_size, $sizes)) {
 		echo "				<option value='".$setting_size."'>".escape($setting_size)."</option>\n";
@@ -221,7 +227,7 @@
 	echo "				</select>\n";
 	echo "			</td>\n";
 	echo "			<td valign='middle' style='padding-left: 4px; padding-right: 0px;'>\n";
-	echo "				<select id='theme' style='height: 23px;' onchange=\"editor.setTheme('ace/theme/' + this.options[this.selectedIndex].value); focus_editor();\">\n";
+	echo "				<select id='theme' class='formfld' onchange=\"editor.setTheme('ace/theme/' + this.options[this.selectedIndex].value); focus_editor();\">\n";
 	$themes['Light']['chrome']= 'Chrome';
 	$themes['Light']['clouds']= 'Clouds';
 	$themes['Light']['crimson_editor']= 'Crimson Editor';
@@ -270,10 +276,14 @@
 	echo "		</tr>\n";
 	echo "	</table>\n";
 	echo "	<div id='editor'></div>\n";
+	echo "	<br />\n";
+
+	echo "	<input type='hidden' name='app_uuid' value='".escape($app_uuid)."'>\n";
+	echo "	<input type='hidden' name='dialplan_uuid' value='".escape($dialplan_uuid)."'>\n";
+	echo "	<input type='hidden' name='".$token['name']."' value='".$token['hash']."'>\n";
 
 	echo "</form>\n";
 
-
 	echo "<script type='text/javascript' src='".PROJECT_PATH."/resources/ace/ace.js' charset='utf-8'></script>\n";
 	echo "<script type='text/javascript'>\n";
 
@@ -310,4 +320,4 @@
 //show the footer
 	require_once "resources/footer.php";
 
-?>
+?>
\ No newline at end of file