turning back to the warning message, I've checked it again:
"Warning: Cannot modify header information - headers already sent by (output started at /home/sth/mysite.com/rs-area/menu.php:3) in /home/sth/mysite.com/webassist/mysqli/authentication.php on line 206 "
It is not refering to the line 206 in my menu.php page, but to the line 206 of your authentication.php file. Infact in that line I can read :
"... header("location: " . $this->addQuerystring($url)); ..."
For more testing purposes I have duplicated my menu.php page and renamed it "any-restricted-page.php" . In case I'm not logged in, the URL, something like https://www.mysite.com/rs-area/menu.php is going to get that warning message, while the https://www.mysite.com/rs-area/any-restricted-page.php is going to be redirected fine to the https://www.mysite.com/rs-area/not-authorized.php as both of them should be in that case.
I think, perhaps, it is because of some double redirects that happening in case of the menu.php, because the only difference between menu.php and any-restricted-page.php is that the former is the target landing page in my Login page in case of success login.