What's wrong with this code?

trying to update data<?php include("connect.php"); include("functions.php"); if(logged_in()) { ?> <a href="changepassword.php">Change Password</a> <a href="logout.php" style="float:right; padding:10px; margin-right:40px; background-color:#eee; color:#333; text-decoration:none;">Logout</a> <?php } else { header("location:login.php"); exit(); } $amount = ""; $id=""; $error=""; if(isset($_POST['submit'])) { $userid = $_POST['id']; $amount = $_POST['amount']; $verify = mysqli_query($con,"SELECT amount FROM users WHERE id = '$id'"); $row=mysqli_num_rows($verify); if ($row <= 0) { $error = "invalid username or password!"; }else{ $sql = "UPDATE users SET amount='.$amount.' WHERE id='$id'"; mysqli_query($con,$sql); } } ?> This is form code <div id="formDiv"> <form method="POST" action="profile.php" enctype="multipart/form-data"> <label>ID:</label><br/> <input type="text" name="id" class="inputFields" required/><br/><br/> <label>Amount</label><br/> <input type="text" name="amount" class="inputFields" required/><br/><br/> <input type="submit" class="theButtons" name="submit"/> </form>