Just to be clear, you want to put code in the URL and then when the page is hit execute that code? If so, that’s a horrible idea from a security point of view, as anyone can just run any code they like.
Better would be to only pass the product ID and quantity to the URL, like ?id=368&quantity=5 and then in the code do something like so:
function create_order($productId, $quantity) {
global $woocommerce;
$address = array(
'first_name' => 'ali' ,
'last_name' => 'Corson',
'company' => 'Automattic',
'email' => 'no@spam.com',
'phone' => '123-123-123',
'address_1' => '123 Main Woo st.',
'address_2' => '100',
'city' => 'San Francisco',
'state' => 'Ca',
'postcode' => '92121',
'country' => 'US'
);
// Now we create the order
$order = wc_create_order();
$order->add_product(get_product($productId), $quantity);
// Set addresses
$order->set_address( $address, 'billing' );
$order->set_address( $address, 'shipping' );
// Set payment gateway
$payment_gateways = WC()->payment_gateways->payment_gateways();
$order->set_payment_method( $payment_gateways['bacs'] );
// Calculate totals
$order->calculate_totals();
$order->update_status( 'Completed', 'Order created dynamically - ', TRUE);
}
$id = null;
if (isset($_GET['id']) && filter_var($_GET['id'], FILTER_VAR_INT) !== false) {
$id = $_GET['id'];
}
if ($id === null) {
exit ('Product ID missing or not a number');
}
$quantity = null;
if (isset($_GET['quantity']) && filter_var($_GET['quantity'], FILTER_VAR_INT) !== false) {
$quantity = $_GET['quantity'];
}
if ($quantity === null) {
exit ('Product quantity missing or not a number');
}
create_order($id, $quantity);