Fix(#3586230): owasp audit remediations

SQL Injection (High):

  • PostgresProvider::processConditionGroup(): Add operator whitelist (=, !=, <>, >, <, >=, <=, IN, NOT IN, LIKE, NOT LIKE, BETWEEN) to reject arbitrary SQL via Search API condition operators. Unrecognized operators now emit a warning and are skipped.
  • PostgresProvider::processConditionGroup(): Escape field identifiers with pg_escape_identifier() via escapeIdentifierForSql() before interpolation into SQL filter strings.
  • PostgresPgvectorClient::createCollection(): Explicitly cast $dimension to (int) before interpolation into CREATE TABLE DDL.
  • PostgresPgvectorClient::querySearch(), vectorSearch(): Explicitly cast $limit and $offset to (int) as defense-in-depth against weak typing.

Sensitive Data Exposure (Medium):

  • AmazeeClient::getExistingApiKey(): Truncate API key to first 8 characters in error log to prevent full credential exposure in watchdog/dblog.
  • TrialAccountProvisioner::provisionTrialAccount(): Remove raw response bodies and print_r() output from exception messages to prevent accidental credential leakage in logs or error displays.

Connection String Safety (Low):

  • PostgresPgvectorClient::connect(): Escape pg_connect() parameters with addcslashes() for single quotes and backslashes per libpq connection string conventions. Cast port to (int).
  • PostgresPgvectorClient::prepareRelationQuery(): Use pg_escape_literal() instead of pg_escape_identifier() for the sequence name passed to currval(), fixing semantic mismatch (currval expects a string literal, not a quoted identifier). Remove redundant surrounding single quotes.
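
The hardening patterns listed above (operator whitelist with unknown operators warned and skipped, identifiers quoted with pg_escape_identifier(), integer casts before DDL/LIMIT/OFFSET interpolation, libpq connection-string value escaping, and pg_escape_literal() for the currval() argument) collected into one added PHP example. This is illustrative code written for this page, not code from the merge request or the module: the function names, the `[field, value, operator]` condition shape, the `$warn` callable standing in for the module's logger, and the choice to bind condition values as `$1, $2, ...` parameters for pg_query_params() are all assumptions. The pg_escape_* calls need an open PostgreSQL connection, so the usage block at the bottom only runs when one is available.

```php
<?php
// Added example for this page; not the merge request's own code.
// Function names, the condition-triple shape and the $warn callable are assumptions.
declare(strict_types=1);

/** Operators accepted in condition groups (the whitelist named in the MR description). */
const ALLOWED_OPERATORS = ['=', '!=', '<>', '>', '<', '>=', '<=',
  'IN', 'NOT IN', 'LIKE', 'NOT LIKE', 'BETWEEN'];

/**
 * Build a WHERE fragment from [field, value, operator] triples.
 * Unknown operators are reported via $warn and skipped; field names are quoted
 * with pg_escape_identifier(); values are appended to $params as $n placeholders
 * so the caller can pass them to pg_query_params() separately from the SQL text.
 */
function buildFilterClause(\PgSql\Connection $conn, array $conditions, array &$params, callable $warn): string {
  $parts = [];
  foreach ($conditions as [$field, $value, $operator]) {
    $operator = strtoupper(trim((string) $operator));
    if (!in_array($operator, ALLOWED_OPERATORS, TRUE)) {
      $warn(sprintf('Unsupported operator "%s" for field "%s"; condition skipped.', $operator, $field));
      continue;
    }
    $ident = pg_escape_identifier($conn, (string) $field);
    switch ($operator) {
      case 'IN':
      case 'NOT IN':
        $placeholders = [];
        foreach ((array) $value as $v) {
          $params[] = $v;
          $placeholders[] = '$' . count($params);
        }
        $parts[] = sprintf('%s %s (%s)', $ident, $operator, implode(', ', $placeholders));
        break;
      case 'BETWEEN':
        [$low, $high] = $value;
        $params[] = $low;
        $lowIdx = count($params);
        $params[] = $high;
        $highIdx = count($params);
        $parts[] = sprintf('%s BETWEEN $%d AND $%d', $ident, $lowIdx, $highIdx);
        break;
      default:
        $params[] = $value;
        $parts[] = sprintf('%s %s $%d', $ident, $operator, count($params));
    }
  }
  return $parts ? 'WHERE ' . implode(' AND ', $parts) : '';
}

/** LIMIT/OFFSET are cast to int so a string such as "10; DROP ..." cannot reach the SQL text. */
function buildLimitClause($limit, $offset): string {
  return sprintf('LIMIT %d OFFSET %d', max(0, (int) $limit), max(0, (int) $offset));
}

/** Vector dimension is cast to int (and range-checked) before interpolation into DDL. */
function createCollectionDdl(\PgSql\Connection $conn, string $table, $dimension): string {
  $dimension = (int) $dimension;
  if ($dimension < 1) {
    throw new \InvalidArgumentException('dimension must be a positive integer');
  }
  return sprintf('CREATE TABLE %s (id SERIAL PRIMARY KEY, embedding vector(%d))',
    pg_escape_identifier($conn, $table), $dimension);
}

/** Quote one libpq connection-string value: backslash-escape single quotes and backslashes. */
function libpqValue(string $value): string {
  return "'" . addcslashes($value, "'\\") . "'";
}

function buildConnectionString(string $host, $port, string $db, string $user, string $password): string {
  return sprintf('host=%s port=%d dbname=%s user=%s password=%s',
    libpqValue($host), (int) $port, libpqValue($db), libpqValue($user), libpqValue($password));
}

/** currval() takes its sequence name as a string literal, not a quoted identifier. */
function currvalQuery(\PgSql\Connection $conn, string $sequence): string {
  return 'SELECT currval(' . pg_escape_literal($conn, $sequence) . ')';
}

// Usage: only runs when a PostgreSQL connection is available (constructed sample values).
$conn = @pg_connect(buildConnectionString('localhost', '5432', 'example', 'app', "pa'ss\\word"));
if ($conn instanceof \PgSql\Connection) {
  $params = [];
  $where = buildFilterClause($conn, [
    ['title', 'acme%', 'LIKE'],
    ['status', [1, 2], 'IN'],
    ['score', [0.5, 0.9], 'BETWEEN'],
    ['id', 1, '1; DROP TABLE users; --'],   // rejected by the whitelist
  ], $params, fn(string $msg) => error_log($msg));
  echo "SELECT * FROM items $where " . buildLimitClause('10', '0'), PHP_EOL;
  echo currvalQuery($conn, 'items_id_seq'), PHP_EOL;
}
```

The connection-string quoting follows libpq's rule that values are single-quoted with backslash escaping of `'` and `\`, matching the addcslashes() call in the MR description; binding condition values as parameters rather than interpolating them is an extra step beyond what the description states and is marked as such above.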
Edited by Dan Lemon