An Android file management application that allows users to browse, scan, and organize files on their device's storage with password protection.
FileLocker is a simple Android file browser that provides:
- Password-protected access to the application
- File system navigation with folder browsing
- File type detection and categorization
- Scanning for specific file types (images, PDFs)
- Thumbnail generation for image files
- Password Protection: Create and manage a password to secure the app
- File Browsing: Navigate through device storage and SD cards
- File Type Detection: Automatically identifies file types based on file headers
- Media Scanning: Quick scan for images and PDF files across storage
- Thumbnail Preview: Generate and display thumbnails for image files
- Multiple Storage Support: Detects and browses multiple storage locations
- Android SDK 23 (Android 6.0 Marshmallow)
- Minimum SDK: 15 (Android 4.0.3 Ice Cream Sandwich)
- Target SDK: 23 (Android 6.0 Marshmallow)
- Java
-
Clone the repository:
git clone https://github.com/mhan8796/fileLocker.git cd fileLocker -
Build the project using Gradle:
./gradlew build
-
Install on an Android device or emulator:
./gradlew installDebug
- First Launch: Create a password when prompted
- Subsequent Launches: Enter your password to access the app
- Menu Options:
- All files: Browse the complete file system
- Image: Scan and view all image files
- PDF: Scan and view all PDF files
- Navigation: Use the back button in the action bar to navigate up the directory tree
app/src/main/java/com/example/guohuan/filelocker/
├── MainActivity.java # Login/Password entry point
├── menuActivity.java # Main menu with file type options
├── fileSystem.java # File browser implementation
├── scanfileActivity.java # Activity for scanned file results
├── scanAs.java # Background file scanning logic
├── MyDbHelper.java # SQLite database helper for password storage
├── fileType.java # File type detection using file headers
├── method.java # Utility methods for image processing
└── loadImageFileAs.java # Async image loading for thumbnails
The app requires the following permissions:
INTERNET- Network accessACCESS_WIFI_STATE- WiFi state informationMOUNT_UNMOUNT_FILESYSTEMS- File system mountingACCESS_NETWORK_STATE- Network state informationREAD_EXTERNAL_STORAGE- Read files from external storageWRITE_EXTERNAL_STORAGE- Write files to external storageGET_ACCOUNTS- Access user accountsREAD_PROFILE- Read user profileREAD_CONTACTS- Read contacts
See the Issues section below for a comprehensive list of problems and areas for improvement.
Contributions are welcome! Please feel free to submit a Pull Request.
This project is provided as-is for educational purposes.
Mingrui Han - mhan8796@gmail.com
- Plain Text Password Storage: Passwords are stored in plain text in SQLite database without encryption or hashing
- SQL Injection Vulnerability: Raw SQL queries are used instead of prepared statements
- Dangerous Runtime Execution: Uses
Runtime.exec("mount")which could be exploited - Excessive Permissions: Requests unnecessary permissions (GET_ACCOUNTS, READ_CONTACTS, READ_PROFILE) unrelated to core functionality
- Obsolete Android SDK: Uses SDK 23 (Android 6.0, released 2015) - severely outdated
- Deprecated Support Library: Uses
com.android.support:appcompat-v7:23.1.0instead of AndroidX - Deprecated Gradle Plugin: Uses Gradle plugin 1.3.0 instead of modern versions
- Deprecated jcenter Repository: jcenter has been shut down and should be replaced with Maven Central
- Deprecated AsyncTask: Uses AsyncTask which is deprecated in API 30
- Deprecated getDrawable(): Uses deprecated
getDrawable()method instead ofContextCompat.getDrawable()
- No Actual File Locking: Despite the name "FileLocker", the app doesn't actually lock or encrypt files
- Memory Leaks: Bitmap arrays stored in memory without proper cleanup
- Poor Lifecycle Management: No proper handling of Activity lifecycle events
- Inconsistent Error Handling: Empty catch blocks and silent failures throughout
- Hardcoded Package Name: Uses
com.example.guohuan.filelockerwhich should be changed for production - Deprecated Stack Usage: Uses
Stackinstead of modernDequeimplementations - Magic Numbers: Hardcoded values like
REQUIRED_SIZE = 70without explanation - Code Duplication: Similar adapter logic duplicated across multiple activities
- Missing Null Checks: Insufficient null checks before file operations
- No Input Validation: Password field lacks complexity requirements or validation
- Inefficient Image Loading: Loads full images before scaling instead of using proper sampling
- Blocking UI Operations: File scanning on main thread could cause ANRs
- No Caching: Thumbnails are not cached, causing repeated loading
- Inefficient File Scanning: Recursive scanning without optimization for large directories
- Incomplete File Type Support: Limited file type detection (mainly images and PDFs)
- No File Operations: Cannot open, delete, move, or share files
- No Search Functionality: No way to search for specific files
- Broken Navigation: Back button logic is complex and potentially buggy
- No Settings: No way to change password or configure app settings
- No Help/Documentation: No in-app help or user guidance
- Outdated Build Tools: Uses buildToolsVersion "23.0.2"
- No ProGuard Rules: ProGuard is disabled in release builds
- Missing Version Control: No .gitignore for sensitive files
- No CI/CD: No automated testing or deployment configuration
- No Dependency Management: No lockfile for Gradle dependencies
- No Unit Tests: No test coverage for any components
- No Integration Tests: No testing of user flows
- No UI Tests: No automated UI testing
- Manual Testing Only: Relies entirely on manual testing
- No Accessibility Support: No content descriptions for screen readers
- English Only: No localization support for other languages
- Poor UI Contrast: No consideration for color blindness or visual impairments
- No README Existed: No documentation before this review
- No Code Comments: Minimal inline documentation
- No API Documentation: No documentation for public methods
- No Architecture Documentation: No explanation of app architecture or design patterns
Immediate Actions:
- Migrate to AndroidX and modern Android SDK (API 33+)
- Implement proper password hashing (bcrypt, PBKDF2, or Argon2)
- Replace raw SQL with Room database or prepared statements
- Remove unnecessary permissions
- Add proper encryption for actual file locking functionality
Short-term Improvements:
- Implement proper lifecycle management
- Add error handling and user feedback
- Add file operations (open, delete, share)
- Implement search functionality
- Add caching for thumbnails
Long-term Improvements:
- Complete rewrite using modern Android architecture (MVVM, Kotlin, Jetpack Compose)
- Implement comprehensive testing suite
- Add accessibility features
- Support for cloud storage integration
- Implement biometric authentication