Programmatically Adding To the Cart

**Rob** · 02-24-2007

We get a lot of questions about how to add to the cart programmatically, via a link, or button, etc. The syntax is very simple. Just link to:

addtocart.aspx?productid=M&variantid=N

That is the absolute minimum syntax

The next most common syntax is:

addtocart.aspx?productid=M&variantid=N&quantity=Q

the full syntax could be:

addtocart.aspx?ProductID=M&VariantID=N&Quantity=Q& ReturnURL=whatever.aspx&price=x.xx&Color=red&Size= L&ShippingAddressID=R

price is for forcing price in (note this may not be honored for all product types, e.g. kits).

if ProductID is not specified, it will be determined from the VariantID

If VariantID is 0 or not specified, nothing will get added

Size and Color values MUST be in master web.config locale value form (for multi-lingual sites, and properly URL encoded)

ReturnURL must be properly URL encoded

Quantity defaults to 1 if not specified

**fsantos** · 02-25-2007

If price can be forced, isn't this a security problem?

Someone can eventually use this URL and add the product to the cart at a cheaper price...

Even though I tried it on our website and it didn't work

I would like to know more about this "forced price" thing.

Fsantos

**ntm** · 02-26-2007

Looks like the price in the querystring only works if the product is flagged to allow the customer to enter the price.

**Rob** · 02-26-2007

Yes, the product must be setup to even allow a price to be "forced" in

**jbrinkman** · 02-26-2007

One problem with the current code:

If I enter a ReturnUrl, I expect that to be the URL used even if I stay on the ShoppingCart page. As it stands now if you launched the shopping cart from another site and want to have the user stay in the store, there is no way to do so.

**Rob** · 02-26-2007

could add 1 line of code that checks for begins with http and then do a hard full redirect afterwards

**jbrinkman** · 02-27-2007

Here is the relevant section of code at the end of the Page_Load event:

Code:

if (AppLogic.AppConfig("AddToCartAction").ToUpperInvariant() == "STAY" && ReturnURL.Length != 0)
{
Response.Redirect(ReturnURL);
}
else
{
if (ReturnURL.Length == 0)
{
   ReturnURL = String.Empty;
  if (Request.UrlReferrer != null)
   {
     ReturnURL = Request.UrlReferrer.AbsoluteUri; // could be null
   }
  if (ReturnURL == null)
  {
     ReturnURL = String.Empty;
  }
}
if (CartType == CartTypeEnum.WishCart)
{
Response.Redirect("wishlist.aspx?ReturnUrl=" + Security.UrlEncode(ReturnURL));
}
if (CartType == CartTypeEnum.GiftRegistryCart)
{
Response.Redirect("giftregistry.aspx?ReturnUrl=" + Security.UrlEncode(ReturnURL));
}
Response.Redirect("ShoppingCart.aspx?add=true&ReturnUrl=" + Security.UrlEncode(ReturnURL));
}

In the line marked in Orange, there are two conditions that could cause the check to fail:
1. AddToCartAction is not set to 'STAY' OR
2. No ReturnUrl was specified in the querystring

In the "else" branch, the original code performed the same steps regardless of the reason for falling through to this branch. I have added the ReturnURL.Length==0 (in red) check so that it mimics condition #2. Essentially, if the user supplied a return URL then we don't want to reset it in the "else" branch.

**Rob** · 02-27-2007

I'll get it updated to reflect this logic. Sounds good.

**fsantos** · 02-27-2007

This is a great contributing community and also a great company supporting our requests. Makes me VERY happy that I am paying for yearly support because I see the return on that investment.

Thank you for all of you contributing with improvements, and thank you ADNSF team for listening to us and doing it.

fsantos

**Alkaline** · 07-09-2007

please sticky this! I hate it when these valuable posts get deleted during monthly maintenance!

Thread: Programmatically Adding To the Cart

Thread Tools

Display

Programmatically Adding To the Cart

Posting Permissions