Concept Flow - Allowed file types validation
User uploads file
Check file extension
Accept file
Save file
End
The flow checks the uploaded file's extension. If allowed, it saves the file; otherwise, it rejects it with an error.
0
0
Allowed file types validation in Flask - Step-by-Step Execution
Execution Sample
Flask
ALLOWED_EXTENSIONS = {'png', 'jpg', 'jpeg', 'gif'}
def allowed_file(filename):
return '.' in filename and filename.rsplit('.', 1)[1].lower() in ALLOWED_EXTENSIONS
file = 'example.JPG'
result = allowed_file(file)This code checks if the file 'example.JPG' has an allowed extension ignoring case.
Execution Table
| Step | Action | Evaluation | Result |
|---|---|---|---|
| 1 | Check if '.' in 'example.JPG' | True | Continue |
| 2 | Split 'example.JPG' by last '.' | ['example', 'JPG'] | Extension = 'JPG' |
| 3 | Convert extension to lowercase | 'jpg' | Extension = 'jpg' |
| 4 | Check if 'jpg' in ALLOWED_EXTENSIONS | True | File allowed |
| 5 | Return True from allowed_file | True |
💡 File extension 'jpg' is allowed, so function returns True
Variable Tracker
| Variable | Start | After Step 2 | After Step 3 | Final |
|---|---|---|---|---|
| filename | 'example.JPG' | 'example.JPG' | 'example.JPG' | 'example.JPG' |
| extension | N/A | 'JPG' | 'jpg' | 'jpg' |
| allowed_file result | N/A | N/A | N/A | True |
Key Moments - 2 Insights
Why do we convert the file extension to lowercase before checking?
Because file extensions can be uppercase or mixed case, converting to lowercase ensures the check against ALLOWED_EXTENSIONS is case-insensitive, as shown in step 3 of the execution_table.
What happens if the filename does not contain a '.' character?
The function returns False immediately because the condition '.' in filename fails (step 1), so the file is rejected.
Visual Quiz - 3 Questions
Test your understanding
Look at the execution_table, what is the value of 'extension' after step 3?
💡 Hint
Check the 'Evaluation' column at step 3 in the execution_table.
At which step does the function decide the file is allowed?
💡 Hint
Look for the step where the extension is checked against ALLOWED_EXTENSIONS.
If the filename was 'filetxt' without a dot, what would the function return?
💡 Hint
Refer to step 1 in the execution_table where the presence of '.' is checked.
Concept Snapshot
Allowed file types validation in Flask: - Define ALLOWED_EXTENSIONS set with allowed suffixes - Check if filename contains '.' - Extract extension after last '.' and convert to lowercase - Return True if extension in allowed set, else False - Use this function to accept or reject uploaded files
Full Transcript
This visual trace shows how Flask validates allowed file types by checking the file extension. First, it confirms the filename contains a dot. Then it extracts the extension after the last dot and converts it to lowercase to ensure case-insensitive matching. Next, it checks if this extension is in the allowed set. If yes, the file is accepted; otherwise, it is rejected. This prevents users from uploading disallowed file types. The example uses 'example.JPG' which passes validation because 'jpg' is allowed.