diff --git a/flaskfdx/dashboard.py b/flaskfdx/dashboard.py
index 0d073b2..8fa1de2 100644
--- a/flaskfdx/dashboard.py
+++ b/flaskfdx/dashboard.py
@@ -1,9 +1,11 @@
 import functools
+import os
 
 from flask import(
     Blueprint, flash, g, redirect, render_template, request, session, url_for
 )
 from werkzeug.exceptions import abort
+from werkzeug.utils import secure_filename
 
 from flaskfdx.auth import login_required
 from flaskfdx.db import get_db
@@ -51,7 +53,19 @@ def index():
 @bp.route('/upload', methods=('GET', 'POST'))
 @login_required
 def upload():
+    ''' need to add upload folder and allowed extensions'''
     if request.method == 'POST':
-        file = request.form['file']
+        if 'file' not in request.files:
+            flash('No file part')
+            return redirect(request.url)
+        file = request.files['file']
+        if file.filename == '':
+            flash('No selected file')
+            return redirect(request.url)
+        return redirect(url_for('index'))
+        if file and allowed_file(file.filename):
+            filename = secure_filename(file.filename)
+            file
+        
 
     return render_template('dashboard/upload.html')