extra parameter added to container ID in search string causes error

Found in PINES when researching server-level library access problems. Crawler bots were performing bib searches over and over with these sorts of error messages (PostgreSQL):

ERROR: invalid input syntax for integer: "2151338?modifier=metabib"
ERROR: invalid input syntax for integer: "2151338?blimit=10" at character 559
ERROR: invalid input syntax for integer: "2151338?redirect_to=/eg/opac/galileo" at character 557
ERROR: invalid input syntax for integer: "2151338?metarecord=2172909" at character 2907
ERROR: invalid input syntax for integer: "2151338?locg=184" at character 537

Deeper investigation showed that the query parser code is taking the container ID as-is and trying to use it as an integer in the dynamically generated query:

1623 $with .= " SELECT $rec_field AS record FROM container.${class}_bucket_item ci\n"
1624 . " JOIN container.${class}_bucket c ON (c.id = ci.bucket) $rec_join\n"
1625 . " WHERE c.btype = " . $self->QueryParser->quote_value($ctype) . "\n"
1626 . " AND c.id = " . $self->QueryParser->quote_value($cid) . "\n"
1627 . " AND (c.pub IS TRUE$perm_join)\n";

Key line is " AND c.id = " . $self->QueryParser->quote_value($cid)"

We need to be sanitizing that data better to prevent this.