diff --git a/api/order.php b/api/order.php
index ae6042a..21bfb8d 100644
--- a/api/order.php
+++ b/api/order.php
@@ -141,8 +141,6 @@ try {
 
             if ($product['is_loyalty']) {
                 $loyalty_items_indices[] = count($processed_items);
-            } elseif ($redeem_loyalty) {
-                throw new Exception("Redemption is only allowed when all items in the cart are loyalty-eligible.");
             }
 
             $processed_items[] = [
@@ -400,4 +398,4 @@ You've earned *{points_earned} points* with this order.
     if ($pdo->inTransaction()) $pdo->rollBack();
     error_log("Order Error: " . $e->getMessage());
     echo json_encode(['success' => false, 'error' => $e->getMessage()]);
-}
\ No newline at end of file
+}
diff --git a/assets/js/main.js b/assets/js/main.js
index 52858e6..b9d949f 100644
--- a/assets/js/main.js
+++ b/assets/js/main.js
@@ -690,10 +690,8 @@ document.addEventListener('DOMContentLoaded', () => {
             if (data.success) {
                 receiptData.orderId = data.order_id;
                 
-                // Show receipt for Quick Pay (where paymentTypeId is provided)
-                if (paymentTypeId !== null) {
-                    printThermalReceipt(receiptData);
-                }
+                // Show receipt for both Quick Pay and Place Order
+                printThermalReceipt(receiptData);
 
                 showToast(`${_t('order_placed')} #${data.order_id}`, 'success');
                 clearCart();
@@ -843,4 +841,4 @@ document.addEventListener('DOMContentLoaded', () => {
         const modal = new bootstrap.Modal(document.getElementById('qrRatingModal'));
         modal.show();
     };
-});
+});
\ No newline at end of file
diff --git a/assets/js/main.js?v=533-538 b/assets/js/main.js?v=533-538
deleted file mode 100644
index 21df886..0000000
--- a/assets/js/main.js?v=533-538
+++ /dev/null
@@ -1,6 +0,0 @@
-            PAYMENT_TYPES.forEach(pt => {
-                const col = document.createElement('div');
-                col.className = 'col-12';
-                col.innerHTML = `<button class="btn btn-outline-primary w-100 py-3 payment-btn" onclick="processOrder(${pt.id}, '${pt.name}')">${pt.name}</button>`;
-                paymentMethodsContainer.appendChild(col);
-            });
diff --git a/includes/functions.php b/includes/functions.php
index b803e60..4a2bf5c 100644
--- a/includes/functions.php
+++ b/includes/functions.php
@@ -225,7 +225,7 @@ function render_pagination_controls($pagination, $extra_params = []) {
  * Get the project root URL
  */
 function get_base_url() {
-    $protocol = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') || ($_SERVER['SERVER_PORT'] ?? 80) == 443 ? "https://" : "http://";
+    $protocol = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') || ($_SERVER['SERVER_PORT'] ?? 80) == 443 || ($_SERVER['HTTP_X_FORWARDED_PROTO'] ?? "") === "https" ? "https://" : "http://";
     $host = $_SERVER['HTTP_HOST'] ?? 'localhost';
     
     $script = $_SERVER['SCRIPT_NAME'] ?? '/index.php';
@@ -264,7 +264,7 @@ function init_session() {
         ini_set('session.gc_maxlifetime', (string)$lifetime);
         
         // Set cookie parameters before session_start
-        $isSecure = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') || ($_SERVER['SERVER_PORT'] ?? 80) == 443;
+        $isSecure = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') || ($_SERVER['SERVER_PORT'] ?? 80) == 443 || ($_SERVER['HTTP_X_FORWARDED_PROTO'] ?? "") === "https";
         
         session_set_cookie_params([
             'lifetime' => $lifetime,
@@ -431,4 +431,4 @@ function trigger_auto_backup() {
             $stmt->execute();
         }
     }
-}
\ No newline at end of file
+}