[minor] Fix SQL injection vulnerabilities in OceanBase connector

[yuanoOo]

Description

Fixes SQL injection vulnerabilities in OceanBase connector's databaseExists and tableExists methods by replacing string concatenation with parameterized queries.

Changes

• OceanBaseCatalog.java: Added parameterized query support to executeSingleColumnStatement
• OceanBaseMySQLCatalog.java: Fixed databaseExists and tableExists to use PreparedStatement
• OceanBaseTestMySQLCatalog.java: Updated method signature
• Tests: Added SQL injection prevention test cases

Security Analysis

• Fixed: databaseExists and tableExists methods now use parameterized queries
• Already Secure: createTable method uses proper identifier quoting with backticks, no changes needed

Security Fix

Before: String.format("SELECT ... WHERE SCHEMA_NAME = '%s'", databaseName) ❌
After: PreparedStatement with parameterized queries ✅