How to protect pages with double authentication: password + email (in custom field)
When you set a post as password protected, the protection happen on get_the_content() function. There WordPress check for a post password cookie, and if not set, not valid or expired then show the password form. This password form is submitted to wp-login.php, there a cookie is setted according to the password wrote in the form, … Read more