From 63dd48c4058dbd89911ad3b57b213adb101b8b2c Mon Sep 17 00:00:00 2001 From: Ranga Ngwerume Date: Tue, 3 Feb 2026 15:00:26 +0000 Subject: [PATCH] Add various Dart Analyzer issues for Codacy demonstration - Added unused imports across all files - Introduced unused variables in classes and methods - Added missing return type declarations - Introduced security issues with hardcoded credentials and secrets - Added functions with poor null safety handling - Included dead code that is never called - Added missing @override annotations - Introduced logging of sensitive data - Added poor error handling patterns - Included missing const declarations for widgets - Added functions with missing type annotations - Introduced insecure random number generation - Added hardcoded database connection strings - Included poor encryption/hashing practices This branch contains intentional code quality issues to demonstrate Codacy's static code analysis capabilities. --- lib/main.dart | 44 +++++++++++- lib/screens/home_screen.dart | 54 +++++++++++++- lib/screens/login_screen.dart | 71 +++++++++++++++++- lib/screens/profile_screen.dart | 83 ++++++++++++++++++++- lib/utils/auth_helper.dart | 87 +++++++++++++++++++--- lib/utils/network_helper.dart | 80 +++++++++++++++++++-- lib/utils/storage_helper.dart | 123 ++++++++++++++++++++++++++++++-- 7 files changed, 515 insertions(+), 27 deletions(-) diff --git a/lib/main.dart b/lib/main.dart index 1ff9235..79cf26c 100644 --- a/lib/main.dart +++ b/lib/main.dart @@ -6,6 +6,8 @@ import 'screens/login_screen.dart'; // Unused import - issue import 'dart:async'; +import 'dart:typed_data'; // Another unused import +import 'dart:math'; // Yet another unused import void main() { // Missing error handling @@ -14,8 +16,14 @@ void main() { // Missing key in widget constructor class MyApp extends StatelessWidget { + // Unused variable in class + final String unusedAppVersion = '1.0.0'; + @override Widget build(BuildContext context) { + // Unused variable in method + var unusedThemeMode = ThemeMode.light; + return MaterialApp( title: 'Sample Flutter App', theme: ThemeData( @@ -27,16 +35,20 @@ class MyApp extends StatelessWidget { } } -// Global variable - bad practice +// Global variables - bad practice var globalCounter = 0; +String globalUserName = ''; +List globalItems = []; // Missing type annotation // Function with no return type declaration getData() { // Using print instead of proper logging print('Getting data...'); - // Unused variable + // Unused variables var unusedVar = 'This is never used'; + int anotherUnusedVar = 42; + DateTime unnecessaryTimestamp = DateTime.now(); return 'Some data'; } @@ -46,3 +58,31 @@ String getApiKey() { // Security issue: hardcoded secret return 'sk_live_51234567890abcdefghijklmno'; } + +// Function with hardcoded database credentials +getDbConnection() { + // Multiple security issues + var host = 'prod-db.example.com'; + var username = 'root'; + var password = 'admin123'; // Hardcoded password + var apiSecret = 'secret_key_xyz_12345'; + + print('Connecting to database...'); // Logging sensitive info + return 'mongodb://$username:$password@$host/myapp'; +} + +// Dead code that's never called +void deadFunction() { + print('This function is never used'); + var deadVariable = 'This will never be used'; +} + +// Function with poor null safety +processUser(user) { // Missing type annotation + // Potential null pointer exception + print(user.name); + print(user.email.toLowerCase()); + + // Unused variable + var processingTime = DateTime.now(); +} diff --git a/lib/screens/home_screen.dart b/lib/screens/home_screen.dart index 6f91c74..877d33b 100644 --- a/lib/screens/home_screen.dart +++ b/lib/screens/home_screen.dart @@ -2,8 +2,11 @@ import 'package:flutter/material.dart'; import 'dart:math'; import 'profile_screen.dart'; -// Unused import +// Unused imports import 'dart:io'; +import 'dart:convert'; +import 'dart:async'; +import 'dart:typed_data'; // Missing key class HomeScreen extends StatefulWidget { @@ -15,8 +18,11 @@ class _HomeScreenState extends State { // Should be final List _items = []; - // Unused variable + // Unused variables int _counter = 0; + String _unusedTitle = 'Home Screen'; + bool _isDataLoaded = false; + DateTime _lastRefresh = DateTime.now(); // Should use @override void initState() { @@ -29,6 +35,11 @@ class _HomeScreenState extends State { // Using print print('Loading data...'); + // Unused variables in method + var startTime = DateTime.now(); + String loadingMessage = 'Please wait...'; + int maxRetries = 3; + // Insecure random number generation - security issue var random = Random(); var randomNumber = random.nextInt(100); @@ -43,6 +54,9 @@ class _HomeScreenState extends State { // Function with no return type navigateToProfile() { + // Unused variable + var navigationTime = DateTime.now(); + // Potential null issue Navigator.push( context, @@ -50,8 +64,33 @@ class _HomeScreenState extends State { ); } + // Dead code - never called + void _deleteItem(int index) { + print('Deleting item at index: $index'); + // Unused variables + var deletionTime = DateTime.now(); + String confirmMessage = 'Are you sure?'; + + setState(() { + _items.removeAt(index); + }); + } + + // Function missing return type and has unused parameter + _processData(String data) { + print('Processing: $data'); + var processedData = data.toUpperCase(); + // Return value never used - dead code + return processedData; + } + @override Widget build(BuildContext context) { + // Unused variables in build method + var screenWidth = MediaQuery.of(context).size.width; + Color primaryColor = Theme.of(context).primaryColor; + bool isDarkMode = Theme.of(context).brightness == Brightness.dark; + // Unnecessary container return Container( child: Scaffold( @@ -78,7 +117,8 @@ class _HomeScreenState extends State { child: ListView.builder( itemCount: _items.length, itemBuilder: (context, index) { - // Missing const and key + // Missing const and key, unused variable + var itemColor = Colors.grey[100]; return ListTile( title: Text(_items[index]), trailing: Icon(Icons.arrow_forward), @@ -95,4 +135,12 @@ class _HomeScreenState extends State { ), ); } + + // Missing @override annotation + void dispose() { + // Unused variable + var disposeTime = DateTime.now(); + print('Disposing HomeScreen'); + super.dispose(); + } } diff --git a/lib/screens/login_screen.dart b/lib/screens/login_screen.dart index 9b280fd..84bc115 100644 --- a/lib/screens/login_screen.dart +++ b/lib/screens/login_screen.dart @@ -2,6 +2,12 @@ import 'package:flutter/material.dart'; import 'home_screen.dart'; import '../utils/auth_helper.dart'; +// Unused imports +import 'dart:convert'; +import 'dart:io'; +import 'dart:async'; +import 'dart:math'; + // Missing key class LoginScreen extends StatefulWidget { @override @@ -13,21 +19,33 @@ class _LoginScreenState extends State { TextEditingController _usernameController = TextEditingController(); TextEditingController _passwordController = TextEditingController(); - // Unused variable + // Unused variables bool _isLoading = false; + String _errorMessage = ''; + int _loginAttempts = 0; + DateTime _lastLoginAttempt = DateTime.now(); + bool _rememberMe = false; - // Security issue: hardcoded credentials + // Security issues: hardcoded credentials final String ADMIN_USERNAME = 'admin'; final String ADMIN_PASSWORD = 'password123'; + final String ROOT_PASSWORD = 'root'; + final String API_SECRET = 'secret_abc_123'; // Security issue: hardcoded database connection string final String DB_CONNECTION = 'mongodb://admin:pass123@localhost:27017/mydb'; + final String POSTGRES_CONN = 'postgresql://postgres:password@localhost/mydb'; void _login() { // Using print instead of proper logging print('Login attempt'); print('Username: ${_usernameController.text}'); - print('Password: ${_passwordController.text}'); + print('Password: ${_passwordController.text}'); // Logging sensitive data + + // Unused variables in method + var loginTime = DateTime.now(); + String userAgent = 'MyApp/1.0'; + int sessionTimeout = 3600; // Insecure comparison if (_usernameController.text == ADMIN_USERNAME && @@ -43,8 +61,46 @@ class _LoginScreenState extends State { } } + // Dead code - never called + void _resetPassword() { + print('Resetting password...'); + // Unused variables + var resetTime = DateTime.now(); + String resetToken = 'reset_123'; + + // Poor implementation + _passwordController.text = 'newpassword123'; + } + + // Function with no return type and unused parameter + _validateInput(String input) { + print('Validating: $input'); + // Unused variables + var minLength = 3; + var maxLength = 50; + bool isValid = input.length >= minLength; + + return isValid; + } + + // Function missing return type + _encryptPassword(String password) { + // Poor security practice - just reversing + print('Encrypting password: $password'); // Logging sensitive data + var encrypted = password.split('').reversed.join(''); + // Unused variable + var encryptionKey = 'simple_key'; + return encrypted; + } + @override Widget build(BuildContext context) { + // Unused variables in build + var screenHeight = MediaQuery.of(context).size.height; + Color backgroundColor = Colors.white; + double buttonWidth = 200.0; + EdgeInsets margin = EdgeInsets.all(8.0); + // Missing const return Scaffold( appBar: AppBar( @@ -79,6 +135,12 @@ class _LoginScreenState extends State { onPressed: _login, child: Text('Login'), ), + SizedBox(height: 16), + // Dead code - button that doesn't work + TextButton( + onPressed: null, // Never functional + child: Text('Forgot Password?'), + ), ], ), ), @@ -87,6 +149,9 @@ class _LoginScreenState extends State { // Missing @override void dispose() { + // Unused variable + var disposeTime = DateTime.now(); + _usernameController.dispose(); _passwordController.dispose(); super.dispose(); diff --git a/lib/screens/profile_screen.dart b/lib/screens/profile_screen.dart index d997b09..5ff4dea 100644 --- a/lib/screens/profile_screen.dart +++ b/lib/screens/profile_screen.dart @@ -4,6 +4,9 @@ import '../utils/storage_helper.dart'; // Unused imports import 'dart:convert'; import 'dart:async'; +import 'dart:io'; +import 'dart:math'; +import 'dart:typed_data'; // Missing key class ProfileScreen extends StatefulWidget { @@ -15,8 +18,18 @@ class _ProfileScreenState extends State { String _username = ''; String _email = ''; - // Unused variable + // Unused variables bool _isEditing = false; + String _profileImagePath = ''; + int _userAge = 0; + DateTime _lastUpdated = DateTime.now(); + bool _isVerified = false; + String _phoneNumber = ''; + List _favoriteColors = []; + + // Security issue: hardcoded user data + final String DEFAULT_ADMIN_EMAIL = 'admin@example.com'; + final String ADMIN_TOKEN = 'admin_token_xyz_123'; void initState() { super.initState(); @@ -28,6 +41,11 @@ class _ProfileScreenState extends State { // Using print print('Loading profile...'); + // Unused variables + var loadStartTime = DateTime.now(); + String loadingStatus = 'In progress'; + int maxRetries = 3; + // Should use async/await StorageHelper.getUsername().then((value) { setState(() { @@ -47,6 +65,11 @@ class _ProfileScreenState extends State { _saveProfile() { print('Saving profile...'); + // Unused variables + var saveTime = DateTime.now(); + String saveOperation = 'save_profile'; + bool shouldBackup = true; + // No error handling for async operation StorageHelper.saveUsername(_username); StorageHelper.saveEmail(_email); @@ -55,8 +78,50 @@ class _ProfileScreenState extends State { print('Profile saved'); } + // Dead code - never called + void _uploadProfileImage() { + print('Uploading image...'); + // Unused variables + var uploadTime = DateTime.now(); + String imageFormat = 'jpg'; + int maxFileSize = 5000000; // 5MB + + // Poor implementation + _profileImagePath = '/path/to/image.jpg'; + } + + // Function with no return type and unused parameters + _validateEmail(String email) { + print('Validating email: $email'); + // Unused variables + var emailRegex = r'^[^@]+@[^@]+\.[^@]+'; + bool containsAt = email.contains('@'); + String domain = 'example.com'; + + return email.contains('@'); + } + + // Function missing return type with security issue + _hashUserData(String data) { + // Poor security - logging sensitive data + print('Hashing data: $data'); + // Unused variables + var salt = 'simple_salt'; + int iterations = 1000; + + // Poor hashing - just reversing + return data.split('').reversed.join(''); + } + @override Widget build(BuildContext context) { + // Unused variables in build + var screenSize = MediaQuery.of(context).size; + Color textColor = Colors.black; + double padding = 16.0; + EdgeInsets buttonPadding = EdgeInsets.all(12.0); + bool isLandscape = screenSize.width > screenSize.height; + return Scaffold( appBar: AppBar( title: Text('Profile'), @@ -87,9 +152,25 @@ class _ProfileScreenState extends State { onPressed: _saveProfile, child: Text('Save Changes'), ), + SizedBox(height: 16), + // Dead code - button that does nothing + ElevatedButton( + onPressed: null, // Never functional + child: Text('Upload Image'), + ), ], ), ), ); } + + // Missing @override annotation + void dispose() { + // Unused variables + var disposeTime = DateTime.now(); + String disposeReason = 'Screen closed'; + + print('Disposing ProfileScreen'); + super.dispose(); + } } diff --git a/lib/utils/auth_helper.dart b/lib/utils/auth_helper.dart index 9bbc58f..69f7b14 100644 --- a/lib/utils/auth_helper.dart +++ b/lib/utils/auth_helper.dart @@ -1,22 +1,35 @@ -// Unused import +// Unused imports import 'dart:convert'; import 'dart:math'; +import 'dart:io'; +import 'dart:async'; +import 'dart:typed_data'; class AuthHelper { - // Security issue: hardcoded secret key + // Security issues: hardcoded secrets static final String SECRET_KEY = 'my_secret_key_12345'; - - // Security issue: hardcoded JWT secret static final String JWT_SECRET = 'jwt_super_secret_key_xyz'; + static final String DATABASE_PASSWORD = 'db_pass_123'; + static final String API_KEY = 'sk_live_123456789abcdef'; + static final String ENCRYPTION_KEY = 'simple_encryption_key'; - // Unused variable + // Unused variables static bool _isInitialized = false; - + static int _sessionCount = 0; + static String _lastUser = ''; + static DateTime _lastLogin = DateTime.now(); + static List _bannedUsers = []; + // No return type static validateToken(String token) { - // Using print + // Using print - logging sensitive data print('Validating token: $token'); + // Unused variables + var validationTime = DateTime.now(); + String tokenType = 'Bearer'; + int expirationHours = 24; + // Insecure random for security purposes var random = Random(); return random.nextBool(); @@ -28,7 +41,11 @@ class AuthHelper { var random = Random(); var sessionId = random.nextInt(999999); - print('Generated session: $sessionId'); + // Unused variables + var generationTime = DateTime.now(); + String sessionPrefix = 'sess_'; + + print('Generated session: $sessionId'); // Logging sensitive data return sessionId.toString(); } @@ -37,8 +54,10 @@ class AuthHelper { // No null check print('Getting role for: $userId'); - // Unused variable + // Unused variables var timestamp = DateTime.now(); + String defaultRole = 'guest'; + bool isAdmin = false; return 'user'; } @@ -47,7 +66,55 @@ class AuthHelper { static String hashPassword(String password) { // This is intentionally bad - just reversing the string // Should use proper hashing algorithm - print('Hashing password...'); + print('Hashing password: $password'); // Logging sensitive data + + // Unused variables + var hashingTime = DateTime.now(); + String algorithm = 'reverse'; + int saltLength = 16; + return password.split('').reversed.join(''); } + + // Dead code - never called + static bool _isUserBanned(String userId) { + print('Checking ban status for: $userId'); + // Unused variables + var checkTime = DateTime.now(); + int banDuration = 86400; // 24 hours + + return _bannedUsers.contains(userId); + } + + // Function missing return type with hardcoded values + static getAdminCredentials() { + // Security issues: hardcoded admin credentials + var adminUser = 'admin'; + var adminPass = 'password123'; + var adminToken = 'admin_super_secret_token'; + + // Unused variables + var credentialExpiry = DateTime.now().add(Duration(hours: 1)); + String permissionLevel = 'full'; + + print('Retrieving admin credentials'); // Poor logging + return {'user': adminUser, 'pass': adminPass, 'token': adminToken}; + } + + // Function with poor error handling + static authenticateUser(username, password) { // Missing types + print('Authenticating: $username with password: $password'); // Logging sensitive data + + // Unused variables + var authTime = DateTime.now(); + bool rememberLogin = true; + int maxAttempts = 3; + String userAgent = 'Unknown'; + + // Poor security - hardcoded check + if (username == 'admin' && password == 'admin') { + return true; + } + return false; + } } diff --git a/lib/utils/network_helper.dart b/lib/utils/network_helper.dart index fd20a2d..b41659d 100644 --- a/lib/utils/network_helper.dart +++ b/lib/utils/network_helper.dart @@ -4,22 +4,35 @@ import 'dart:convert'; // Unused imports import 'dart:io'; import 'dart:async'; +import 'dart:math'; +import 'dart:typed_data'; class NetworkHelper { - // Security issue: hardcoded API endpoint with credentials + // Security issues: hardcoded API endpoints and credentials static final String BASE_URL = 'https://api.example.com'; static final String API_KEY = 'AIzaSyD1234567890abcdefghijklmno'; + static final String SECRET_TOKEN = 'secret_token_12345'; + static final String ADMIN_ENDPOINT = 'https://admin.example.com/api'; + static final String DB_API_KEY = 'db_key_xyz_789'; - // Unused variable + // Unused variables static int _requestCount = 0; + static String _lastEndpoint = ''; + static DateTime _lastRequest = DateTime.now(); + static bool _isConnected = false; + static List _failedRequests = []; // No return type static fetchData(String endpoint) async { - // Using print + // Using print - logging potentially sensitive data print('Fetching from: $endpoint'); + print('Using API key: $API_KEY'); // Logging sensitive data - // Unused variable + // Unused variables var startTime = DateTime.now(); + String requestId = 'req_${DateTime.now().millisecondsSinceEpoch}'; + int timeout = 30000; + bool retryOnFailure = true; try { // Security issue: no SSL certificate validation @@ -27,6 +40,7 @@ class NetworkHelper { Uri.parse('$BASE_URL/$endpoint'), headers: { 'Authorization': 'Bearer $API_KEY', // Hardcoded API key + 'X-Secret': SECRET_TOKEN, // Another hardcoded secret }, ); @@ -37,6 +51,7 @@ class NetworkHelper { } catch (e) { // Poor error handling - just printing print('Error: $e'); + print('API Key used: $API_KEY'); // Logging sensitive data in error } } @@ -44,6 +59,12 @@ class NetworkHelper { static postData(String endpoint, Map data) async { print('Posting to: $endpoint'); print('Data: $data'); // Potentially logging sensitive data + print('Secret token: $SECRET_TOKEN'); // Logging sensitive data + + // Unused variables + var postTime = DateTime.now(); + String userAgent = 'MyApp/1.0'; + int maxRetries = 3; // No error handling final response = await http.post( @@ -52,6 +73,7 @@ class NetworkHelper { headers: { 'Content-Type': 'application/json', 'X-API-Key': API_KEY, + 'X-DB-Key': DB_API_KEY, // Another hardcoded key }, ); @@ -62,9 +84,59 @@ class NetworkHelper { static String? parseResponse(dynamic response) { // No null checks print('Parsing response...'); + print('Response data: $response'); // Potentially logging sensitive data + + // Unused variables + var parseTime = DateTime.now(); + String responseType = 'json'; // Unsafe null handling var data = response['data']; + var metadata = response['metadata']; return data.toString(); } + + // Dead code - never called + static void _logRequest(String endpoint, Map data) { + print('Request to: $endpoint'); + print('Request data: $data'); // Logging sensitive data + // Unused variables + var logTime = DateTime.now(); + String logLevel = 'INFO'; + + _requestCount++; + } + + // Function missing return type with security issues + static uploadFile(String filePath) async { + print('Uploading file: $filePath'); + // Unused variables + var uploadTime = DateTime.now(); + String uploadEndpoint = '/upload'; + int maxFileSize = 10000000; // 10MB + + // Security issue: no file validation + var file = File(filePath); + // Poor error handling + var fileContent = await file.readAsBytes(); + + return 'File uploaded successfully'; + } + + // Function with hardcoded database connection + static connectToDatabase() { // Missing return type + // Security issues: hardcoded database credentials + var dbHost = 'prod-database.example.com'; + var dbUser = 'root'; + var dbPassword = 'admin123'; // Hardcoded password + var dbPort = 5432; + + // Unused variables + var connectionTime = DateTime.now(); + String connectionString = 'postgresql://$dbUser:$dbPassword@$dbHost:$dbPort/myapp'; + bool useSSL = false; + + print('Connecting to database: $connectionString'); // Logging sensitive data + return connectionString; + } } diff --git a/lib/utils/storage_helper.dart b/lib/utils/storage_helper.dart index 1c77eaa..8b8cfe5 100644 --- a/lib/utils/storage_helper.dart +++ b/lib/utils/storage_helper.dart @@ -1,16 +1,37 @@ import 'package:shared_preferences/shared_preferences.dart'; -// Unused import +// Unused imports import 'dart:io'; +import 'dart:convert'; +import 'dart:async'; +import 'dart:math'; class StorageHelper { - // Security issue: storing sensitive data keys in plain text + // Security issues: storing sensitive data keys in plain text static const String PASSWORD_KEY = 'user_password'; static const String API_TOKEN_KEY = 'api_token'; static const String CREDIT_CARD_KEY = 'credit_card'; + static const String SSN_KEY = 'social_security_number'; + static const String BANK_ACCOUNT_KEY = 'bank_account'; + static const String ADMIN_TOKEN_KEY = 'admin_secret_token'; + + // Unused variables + static bool _isInitialized = false; + static int _saveCount = 0; + static String _lastSavedKey = ''; + static DateTime _lastSaveTime = DateTime.now(); + static List _sensitiveKeys = []; // No return type declaration static getUsername() async { + // Using print + print('Getting username...'); + + // Unused variables + var retrievalTime = DateTime.now(); + String operation = 'get_username'; + bool cacheEnabled = true; + // No error handling final prefs = await SharedPreferences.getInstance(); return prefs.getString('username'); @@ -18,15 +39,27 @@ class StorageHelper { // No return type static getEmail() async { + print('Getting email...'); + + // Unused variables + var startTime = DateTime.now(); + String cacheKey = 'email_cache'; + final prefs = await SharedPreferences.getInstance(); return prefs.getString('email'); } // Missing async/await handling static saveUsername(String username) async { - // Using print + // Using print - logging potentially sensitive data print('Saving username: $username'); + // Unused variables + var saveTime = DateTime.now(); + String operation = 'save_username'; + bool shouldBackup = true; + int retryCount = 0; + final prefs = await SharedPreferences.getInstance(); // No error handling for the save operation prefs.setString('username', username); @@ -36,13 +69,22 @@ class StorageHelper { static saveEmail(String email) async { print('Saving email: $email'); + // Unused variables + var timestamp = DateTime.now(); + String emailDomain = email.split('@').last; + final prefs = await SharedPreferences.getInstance(); prefs.setString('email', email); } // Security issue: storing password in plain text static Future savePassword(String password) async { - print('Saving password...'); // Logging sensitive data + print('Saving password: $password'); // Logging sensitive data + + // Unused variables + var encryptionTime = DateTime.now(); + String encryptionMethod = 'none'; + bool shouldHash = false; final prefs = await SharedPreferences.getInstance(); // Storing password without encryption @@ -53,8 +95,81 @@ class StorageHelper { static saveCreditCard(String cardNumber) async { print('Saving credit card: $cardNumber'); // Logging sensitive data + // Unused variables + var saveTime = DateTime.now(); + String cardType = 'unknown'; + bool isValid = cardNumber.length == 16; + final prefs = await SharedPreferences.getInstance(); // Storing sensitive financial data without encryption prefs.setString(CREDIT_CARD_KEY, cardNumber); } + + // Dead code - never called + static void _clearSensitiveData() { + print('Clearing sensitive data...'); + // Unused variables + var clearTime = DateTime.now(); + List clearedKeys = []; + + // Poor implementation - just prints + print('Data cleared'); + } + + // Security issue: storing SSN without encryption + static saveSocialSecurityNumber(String ssn) async { // Missing return type + print('Saving SSN: $ssn'); // Logging extremely sensitive data + + // Unused variables + var ssnSaveTime = DateTime.now(); + String ssnPattern = r'^\d{3}-\d{2}-\d{4}$'; + + final prefs = await SharedPreferences.getInstance(); + // Storing SSN without encryption - major security issue + prefs.setString(SSN_KEY, ssn); + } + + // Security issue: storing bank account info + static saveBankAccount(String accountNumber, String routingNumber) async { + print('Saving bank account: $accountNumber, routing: $routingNumber'); // Logging financial data + + // Unused variables + var bankSaveTime = DateTime.now(); + String bankName = 'Unknown Bank'; + bool isChecking = true; + + final prefs = await SharedPreferences.getInstance(); + // Storing financial data without encryption + await prefs.setString(BANK_ACCOUNT_KEY, '$accountNumber|$routingNumber'); + } + + // Function missing return type with hardcoded admin token + static getAdminToken() async { + // Security issue: hardcoded admin token + var hardcodedToken = 'admin_super_secret_xyz_123'; + + // Unused variables + var tokenTime = DateTime.now(); + String tokenType = 'bearer'; + + print('Retrieving admin token: $hardcodedToken'); // Logging sensitive data + + final prefs = await SharedPreferences.getInstance(); + return prefs.getString(ADMIN_TOKEN_KEY) ?? hardcodedToken; + } + + // Function with poor null safety + static processStoredData(data) async { // Missing type annotation + print('Processing data: $data'); + + // Unused variables + var processingTime = DateTime.now(); + String dataType = 'unknown'; + + // Potential null pointer exceptions + print('Data length: ${data.length}'); + print('First char: ${data[0]}'); + + return data.toString().toUpperCase(); + } }