//Checks the password is correct for given username and returns user object if correct
        //Returns null if login details incorrect
        public static User login(string username, string password)
        {
            int    count;
            string salt;
            string email;
            int    userID, isArtist;

            try{
                //Check if username already registered
                count = (int)SqlComm.SqlReturn("usernameCount @username='******'");
                if (count > 0)
                {
                    salt     = (string)SqlComm.SqlReturn("getSalt @username='******'");
                    password = SqlComm.Enc(password + salt);
                    count    = (int)SqlComm.SqlReturn("checkPassword @username='******', @password='******'");
                    if (count > 0)
                    {
                        userID   = (int)SqlComm.SqlReturn("getUserID @username='******'");
                        email    = (string)SqlComm.SqlReturn("getEmail @userID=" + userID);
                        isArtist = (int)SqlComm.SqlReturn("getIsArtist @userID=" + userID);
                        return(new User(username, userID, email, isArtist));
                    }
                }
                return(null);
            }catch {
                return(new User());
            }
        }
        //Updates the password of the given user
        private void updatePassword(int userID, string password)
        {
            string salt;
            string sql;

            salt     = (string)SqlComm.SqlReturn("getSalt @username='******'");
            password = SqlComm.Enc(password + salt);
            sql      = "updatePassword @userID =" + userID + ",@password ='******'";
            SqlComm.SqlExecute(sql);
        }
        //Inserts the given details into the database if both email and username are not already registered
        //Returns a string with message indicated whether insert was succesful or reason why it wasn't
        public static string insert(string username, int isArtist, string email, string password)
        {
            string sql, salt;
            int    count;
            int    userID;
            string dbMessage;

            //Get salt and hash password
            salt     = SqlComm.CreateSalt();
            password = SqlComm.Enc(password + salt);

            //Check if email already registered
            count = (int)SqlComm.SqlReturn("emailCount @email='" + email + "'");
            if (count < 1)
            {
                //Check if username already registered
                count = (int)SqlComm.SqlReturn("usernameCount @username='******'");
                if (count < 1)
                {
                    //If not already registered insert into database
                    sql = "insertNewUser @userName='******' , @email='" + email + "', @isArtist ='" + isArtist + "',@userPassword = '******',@salt='" + salt + "'";
                    SqlComm.SqlExecute(sql);

                    //If is curator create default artist profile
                    if (isArtist == 1)
                    {
                        userID = (int)SqlComm.SqlReturn("getUserID @username='******'");
                        Artist.insert(userID, username, "", "");
                    }
                    dbMessage = "";
                }
                else
                {
                    dbMessage = "Username already registered";
                }
            }
            else
            {
                dbMessage = "Email already registered";
            }
            return(dbMessage);
        }