// create a user
 public User createUser(User user) {
   String sql = "insert into user values (null,?,?,?,?,?)";
   try {
     Connection connection = ds.getConnection();
     PreparedStatement statement = connection.prepareStatement(sql);
     statement.setString(1, user.getFirstName());
     statement.setString(2, user.getLastName());
     statement.setString(3, user.getUsername());
     statement.setString(4, user.getPassword());
     statement.setString(5, user.getEmail());
     statement.executeUpdate();
   } catch (SQLException e) {
     // TODO Auto-generated catch block
     e.printStackTrace();
   }
   return null;
 }
 // update a user by id
 public User updateUser(int id, User user) {
   String sql =
       "update user set firstName=?, lastName=?, username=?, password=?, email=? where id=?";
   try {
     Connection connection = ds.getConnection();
     PreparedStatement statement = connection.prepareStatement(sql);
     statement.setString(1, user.getFirstName());
     statement.setString(2, user.getLastName());
     statement.setString(3, user.getUsername());
     statement.setString(4, user.getPassword());
     statement.setString(5, user.getEmail());
     statement.setInt(6, id);
     statement.executeUpdate();
   } catch (SQLException e) {
     // TODO Auto-generated catch block
     e.printStackTrace();
   }
   return user;
 }