SQL values not sent to table (C#/ASP.NET)

I am trying to set up an page to replicate an ATM using C#, ASP.NET and MSSQL (MSSQLEXPRESS if that matters). One part of it is a "new user" page to "sign up" for the "service". The problem is that when I test the page, I get an error message I set up to detect invalid credit card numbers, regardless of the number input. I believe the problem is in either my click event code, my C# query code or in my stored procedure to the event. I think the solution for this is most likely a simple one, but perhaps a pair of fresh eyes will see the problem.

Any help or suggestions would be greatly appreciated.

Code for button click:

protected void btnSubmit_Click(object sender, EventArgs e)
    {
        string display;
        long cardnum;
        string strcard = Request.Params.Get("__CREDITCARD");
        if (long.TryParse(strcard, out cardnum))
        {
            string first = Request.Params.Get("__FIRSTNAME");
            string middle = Request.Params.Get("__MIDDLENAME");
            string last = Request.Params.Get("__LASTNAME");
            string email = Request.Params.Get("__EMAIL");
            string address = Request.Params.Get("__ADDRESS");
            string username = Request.Params.Get("__USERNAME");
            string password = Request.Params.Get("__PASSWORD");
            int retcode = SqlQueries.changeUserInfo(cardnum, username, password, first, middle, last, email, address, out display);
            switch (retcode)
            {
                case 1:
                    display = "Credit card number can only contain digits";
                    Alert.show(Page, this.GetType(), "Input Error", display);
                    UserDetails.Username = username;
                    UserDetails.Password = password;
                    Response.Redirect("HomePage.aspx");
                    return;

                case 0:
                    display = "Invalid credit card number";
                    break;
            }
        }
        else
        {
            display = "Credit card number can only contain digits";
        }

        Alert.show(Page, this.GetType(), "Input Error", display);
    }

Which uses the changeUserInfo method from my SqlQueries class:

public static int changeUserInfo(long cardNum, string username, string password, string strFirstName, string strMiddleName, string strLastName, string strEmail, string strAddress, out string strError)
    {
        //SQL connection
        SqlConnection objConn = new SqlConnection(strconnectionSting);
        objConn.Open();
        int intReturnValue = -1;
        strError = string.Empty;
        //If connection is open

        if (objConn != null && objConn.State == ConnectionState.Open)
        {
            //Call to stored procedure: qprtnum_UpdatePartNumber
            SqlCommand cmd = new SqlCommand("updateUserInfo", objConn);
            cmd.CommandType = CommandType.StoredProcedure;
            try
            {
                cmd.Parameters.Add(new SqlParameter("@CardNum", SqlDbType.Decimal, 150));
                cmd.Parameters["@CardNum"].Precision = 18;
                cmd.Parameters["@CardNum"].Scale = 0;
                cmd.Parameters["@CardNum"].Value = cardNum;
                cmd.Parameters.Add(new SqlParameter("@Username", SqlDbType.NVarChar, 50));
                cmd.Parameters["@Username"].Value = username;
                cmd.Parameters.Add(new SqlParameter("@Password", SqlDbType.NVarChar, 50));
                cmd.Parameters["@Password"].Value = password;
                cmd.Parameters.Add(new SqlParameter("@FirstName", SqlDbType.NVarChar, 150));
                cmd.Parameters["@FirstName"].Value = strFirstName;
                cmd.Parameters.Add(new SqlParameter("@MiddleName", SqlDbType.NVarChar, 150));
                cmd.Parameters["@MiddleName"].Value = strMiddleName;
                cmd.Parameters.Add(new SqlParameter("@LastName", SqlDbType.NVarChar, 150));
                cmd.Parameters["@LastName"].Value = strLastName;
                cmd.Parameters.Add(new SqlParameter("@EmailAddress", SqlDbType.NVarChar, 50));
                cmd.Parameters["@EmailAddress"].Value = strEmail;
                cmd.Parameters.Add(new SqlParameter("@Address", SqlDbType.NVarChar, 150));
                cmd.Parameters["@Address"].Value = strEmail;


                //Return Value
                cmd.Parameters.Add("@ReturnValue", SqlDbType.Int);
                cmd.Parameters["@ReturnValue"].Direction = ParameterDirection.ReturnValue;

                cmd.ExecuteNonQuery();
                intReturnValue = (int)cmd.Parameters["@ReturnValue"].Value;

                strError = string.Empty;
            }
            catch (SqlException err)
            {
                intReturnValue = -1;
                strError = err.Message;
            }
            catch (Exception ex)
            {
                intReturnValue = -1;
                strError = ex.Message;
            }
            finally
            {
                objConn.Close();
            }
        }
        else
        {
            //Error
            intReturnValue = -1;
            strError = "Error";
        }
        return intReturnValue;
    }

Stored procedure "updateUserInfo":

    USE [ATM]
GO
/****** Object:  StoredProcedure [dbo].[updateUserInfo]    Script Date: 4/15/2014 1:43:28 PM ******/
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO

-- =============================================
-- Author:      <Author,,Name>
-- Create date: <Create Date,,>
-- Description: <Description,,>
-- =============================================
ALTER PROCEDURE [dbo].[updateUserInfo] 
    @CardNum AS decimal,
    @Username AS nvarchar(50),
    @Password AS nvarchar(50),
    @FirstName AS nvarchar(150),
    @MiddleName AS nvarchar(150),
    @LastName AS nvarchar(150),
    @EmailAddress nvarchar(50),
    @Address nvarchar(150)
AS
BEGIN TRY
    BEGIN TRANSACTION    
    DECLARE @ReturnValue AS INT;

    --Set current date
    DECLARE @Date AS numeric(18,0);
    DECLARE @Hours int;
    DECLARE @Minutes int;
    DECLARE @Seconds int;
    DECLARE @Milliseconds INT;
    DECLARE @CurDate as VARCHAR(50);

    SET @Hours = DATEPART(hh, GETDATE())
    SET @Minutes = DATEPART(mi, GETDATE())
    SET @Seconds = DATEPART(ss, GETDATE())


    SELECT @CurDate = CONVERT(VARCHAR(35),GETDATE(),112)
    SET @CurDate = @CurDate + CONVERT(VARCHAR(5), @Hours) + CONVERT(VARCHAR(5), @Minutes) + CONVERT(VARCHAR(5),@Seconds)

    SELECT @Date = CONVERT(decimal(18,0), @CurDate)

    -- Insert statements for procedure here


    enter code here
    UPDATE dbo.tblClient
       SET [cliCardNum] = @CardNum
          ,[cliFirstName] = @FirstName
          ,[cliMiddleName] = @MiddleName
          ,[cliLastName] = @LastName 
          ,[cliEmailaddress] = @EmailAddress
          ,[cliAddress] = @Address
          ,[TimeStamp] = @Date
          ,Enabled = 1
     WHERE cliUsername=@Username AND cliPassword=@Password

    SET @ReturnValue=0;
    COMMIT TRANSACTION;
    RETURN @ReturnValue
END TRY
BEGIN CATCH
  IF @@TRANCOUNT > 0
     ROLLBACK

    -- Raise an error with the details of the exception
    DECLARE @ErrMsg nvarchar(4000), @ErrSeverity int
    SELECT @ErrMsg = ERROR_MESSAGE(),
         @ErrSeverity = ERROR_SEVERITY()

    RAISERROR(@ErrMsg, @ErrSeverity, 1)
    SET @ReturnValue=-1;
    Print @ReturnValue
    RETURN @ReturnValue;
END CATCH