Avoid escaping issues in authority.normalize_heading() by parameterizing the query

Avoid escaping issues in authority.normalize_heading() by parameterizing the query

Long story short: MARC subfield values containing backslashes caused noise
and in some cases painful errors. Using spi_prepare/spi_exec_query is the
safest way of handling escaping, rather than adding more regexes and munging
the data before it even gets to naco_normalize().

Most painful case was <subfield code="a">Foo, Bar\</subfield> - the trailing
slash ended up escaping the enclosing single quote (because PostgreSQL isn't
configured by default with strict conformance to SQL escaping rules yet) and
threw an error.

git-svn-id: svn://svn.open-ils.org/ILS/trunk@19201 dcc99617-32d9-48b4-a31d-7c20da2025e4