The error comes from your SQL query,
$sql="SELECT * FROM member WHERE userName='$userName' AND pword=md5('$password')";
You are trying to access the variables that are not defined anywhere in the visible code of PHP, either perhaps you need to check via isset, to see if this can be done or not,
if(isset($userName, $password)) {
} else {
}
Check with these and then execute, that will be safely executed.
PHP: isset - Manual[
^]