Skip to content

mhan8796/fileLocker

Repository files navigation

FileLocker

An Android file management application that allows users to browse, scan, and organize files on their device's storage with password protection.

Overview

FileLocker is a simple Android file browser that provides:

  • Password-protected access to the application
  • File system navigation with folder browsing
  • File type detection and categorization
  • Scanning for specific file types (images, PDFs)
  • Thumbnail generation for image files

Features

  • Password Protection: Create and manage a password to secure the app
  • File Browsing: Navigate through device storage and SD cards
  • File Type Detection: Automatically identifies file types based on file headers
  • Media Scanning: Quick scan for images and PDF files across storage
  • Thumbnail Preview: Generate and display thumbnails for image files
  • Multiple Storage Support: Detects and browses multiple storage locations

Requirements

  • Android SDK 23 (Android 6.0 Marshmallow)
  • Minimum SDK: 15 (Android 4.0.3 Ice Cream Sandwich)
  • Target SDK: 23 (Android 6.0 Marshmallow)
  • Java

Installation

  1. Clone the repository:

    git clone https://github.com/mhan8796/fileLocker.git
    cd fileLocker
  2. Build the project using Gradle:

    ./gradlew build
  3. Install on an Android device or emulator:

    ./gradlew installDebug

Usage

  1. First Launch: Create a password when prompted
  2. Subsequent Launches: Enter your password to access the app
  3. Menu Options:
    • All files: Browse the complete file system
    • Image: Scan and view all image files
    • PDF: Scan and view all PDF files
  4. Navigation: Use the back button in the action bar to navigate up the directory tree

Project Structure

app/src/main/java/com/example/guohuan/filelocker/
├── MainActivity.java          # Login/Password entry point
├── menuActivity.java           # Main menu with file type options
├── fileSystem.java             # File browser implementation
├── scanfileActivity.java      # Activity for scanned file results
├── scanAs.java                 # Background file scanning logic
├── MyDbHelper.java             # SQLite database helper for password storage
├── fileType.java               # File type detection using file headers
├── method.java                 # Utility methods for image processing
└── loadImageFileAs.java        # Async image loading for thumbnails

Permissions

The app requires the following permissions:

  • INTERNET - Network access
  • ACCESS_WIFI_STATE - WiFi state information
  • MOUNT_UNMOUNT_FILESYSTEMS - File system mounting
  • ACCESS_NETWORK_STATE - Network state information
  • READ_EXTERNAL_STORAGE - Read files from external storage
  • WRITE_EXTERNAL_STORAGE - Write files to external storage
  • GET_ACCOUNTS - Access user accounts
  • READ_PROFILE - Read user profile
  • READ_CONTACTS - Read contacts

Known Issues

See the Issues section below for a comprehensive list of problems and areas for improvement.

Contributing

Contributions are welcome! Please feel free to submit a Pull Request.

License

This project is provided as-is for educational purposes.

Author

Mingrui Han - mhan8796@gmail.com

Issues

Critical Security Issues

  1. Plain Text Password Storage: Passwords are stored in plain text in SQLite database without encryption or hashing
  2. SQL Injection Vulnerability: Raw SQL queries are used instead of prepared statements
  3. Dangerous Runtime Execution: Uses Runtime.exec("mount") which could be exploited
  4. Excessive Permissions: Requests unnecessary permissions (GET_ACCOUNTS, READ_CONTACTS, READ_PROFILE) unrelated to core functionality

Deprecated and Outdated Dependencies

  1. Obsolete Android SDK: Uses SDK 23 (Android 6.0, released 2015) - severely outdated
  2. Deprecated Support Library: Uses com.android.support:appcompat-v7:23.1.0 instead of AndroidX
  3. Deprecated Gradle Plugin: Uses Gradle plugin 1.3.0 instead of modern versions
  4. Deprecated jcenter Repository: jcenter has been shut down and should be replaced with Maven Central
  5. Deprecated AsyncTask: Uses AsyncTask which is deprecated in API 30
  6. Deprecated getDrawable(): Uses deprecated getDrawable() method instead of ContextCompat.getDrawable()

Code Quality Issues

  1. No Actual File Locking: Despite the name "FileLocker", the app doesn't actually lock or encrypt files
  2. Memory Leaks: Bitmap arrays stored in memory without proper cleanup
  3. Poor Lifecycle Management: No proper handling of Activity lifecycle events
  4. Inconsistent Error Handling: Empty catch blocks and silent failures throughout
  5. Hardcoded Package Name: Uses com.example.guohuan.filelocker which should be changed for production
  6. Deprecated Stack Usage: Uses Stack instead of modern Deque implementations
  7. Magic Numbers: Hardcoded values like REQUIRED_SIZE = 70 without explanation
  8. Code Duplication: Similar adapter logic duplicated across multiple activities
  9. Missing Null Checks: Insufficient null checks before file operations
  10. No Input Validation: Password field lacks complexity requirements or validation

Performance Issues

  1. Inefficient Image Loading: Loads full images before scaling instead of using proper sampling
  2. Blocking UI Operations: File scanning on main thread could cause ANRs
  3. No Caching: Thumbnails are not cached, causing repeated loading
  4. Inefficient File Scanning: Recursive scanning without optimization for large directories

Functionality Issues

  1. Incomplete File Type Support: Limited file type detection (mainly images and PDFs)
  2. No File Operations: Cannot open, delete, move, or share files
  3. No Search Functionality: No way to search for specific files
  4. Broken Navigation: Back button logic is complex and potentially buggy
  5. No Settings: No way to change password or configure app settings
  6. No Help/Documentation: No in-app help or user guidance

Build and Configuration Issues

  1. Outdated Build Tools: Uses buildToolsVersion "23.0.2"
  2. No ProGuard Rules: ProGuard is disabled in release builds
  3. Missing Version Control: No .gitignore for sensitive files
  4. No CI/CD: No automated testing or deployment configuration
  5. No Dependency Management: No lockfile for Gradle dependencies

Testing and Quality Assurance

  1. No Unit Tests: No test coverage for any components
  2. No Integration Tests: No testing of user flows
  3. No UI Tests: No automated UI testing
  4. Manual Testing Only: Relies entirely on manual testing

Accessibility and Localization

  1. No Accessibility Support: No content descriptions for screen readers
  2. English Only: No localization support for other languages
  3. Poor UI Contrast: No consideration for color blindness or visual impairments

Documentation

  1. No README Existed: No documentation before this review
  2. No Code Comments: Minimal inline documentation
  3. No API Documentation: No documentation for public methods
  4. No Architecture Documentation: No explanation of app architecture or design patterns

Recommendations for Improvement

Immediate Actions:

  • Migrate to AndroidX and modern Android SDK (API 33+)
  • Implement proper password hashing (bcrypt, PBKDF2, or Argon2)
  • Replace raw SQL with Room database or prepared statements
  • Remove unnecessary permissions
  • Add proper encryption for actual file locking functionality

Short-term Improvements:

  • Implement proper lifecycle management
  • Add error handling and user feedback
  • Add file operations (open, delete, share)
  • Implement search functionality
  • Add caching for thumbnails

Long-term Improvements:

  • Complete rewrite using modern Android architecture (MVVM, Kotlin, Jetpack Compose)
  • Implement comprehensive testing suite
  • Add accessibility features
  • Support for cloud storage integration
  • Implement biometric authentication

About

an android phone app developed with other awesome people

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

 
 
 

Contributors

Languages