Persistent config item change on the go
#1

I'm trying to change the config item "sess_expiration" in code.

Basically I have a login form. If people log in normally, the session will be cleared once the browser is closed, by setting "sess_expiration" to 0 in the config file, and they will have to log in again once they visit the site again. Now if people check a checkbox, the session should be saved for a set period, and even when people close the browser, they should still be logged in once they come back.

I tried changing "sess_expiration" when the checkbox is checked, however the setting is reset when the user navigates to the next page, and if I close the browser, I have to log in again.

Is there any way to change "sess_expiration" properly dynamically, or should I do this in another way?
#2

You don't do that with a session, but with a cookie.

If a user checks the box, then set a remember me cookie. When the user returns, you check if this cookie is set and if it is still valid.
#3

(This post was last modified: 12-02-2015, 02:24 PM by cartalot.)

the safest is always to validate against something on the server. a cookie which stores session info should be considered user input.
so if you only store a unique key on the cookie - then you can use that key to validate the session against what is in the session database
(or the session file which is on the server if you are storing it there)

so then you don't have to destroy a session to make changes. you keep the same unique key, but the "state" changes from logged in,
to logged out. and it's not the cookie that says they are logged in or not. all that is on the cookie is a long random string.
the vital information is only on the server, so it can't be spoofed by the user.
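The approach described in posts #2 and #3, as an added example that is not part of the original thread or of CodeIgniter itself: the cookie carries only a long random string, and the login state lives on the server. The function names, the `remember_me` cookie name, the 14-day lifetime and the in-memory array standing in for a database table are all assumptions made for illustration.

```php
<?php
// Added example: this array stands in for a database table
// (hypothetical columns: token_hash, user_id, expires, active).
$rememberStore = [];

// Issue a token at login when the "remember me" box is checked.
function issue_remember_token(array &$store, int $userId, int $ttl = 1209600): string
{
    $token = bin2hex(random_bytes(32));      // 256-bit random string, the only thing the browser gets
    $store[hash('sha256', $token)] = [       // keep only a hash, so a leaked table cannot be replayed
        'user_id' => $userId,
        'expires' => time() + $ttl,
        'active'  => true,
    ];
    return $token;
}

// Treat the cookie value as user input and resolve it against server state.
function user_from_remember_token(array $store, $cookieValue): ?int
{
    if (!is_string($cookieValue) || !preg_match('/\A[0-9a-f]{64}\z/', $cookieValue)) {
        return null;                          // missing or malformed cookie
    }
    $row = $store[hash('sha256', $cookieValue)] ?? null;
    if ($row === null || !$row['active'] || $row['expires'] < time()) {
        return null;                          // unknown, logged out, or expired
    }
    return $row['user_id'];
}

// Logout flips the state on the server; the key on the cookie stays the same.
function revoke_remember_token(array &$store, string $cookieValue): void
{
    $key = hash('sha256', $cookieValue);
    if (isset($store[$key])) {
        $store[$key]['active'] = false;
    }
}

// Constructed walk-through (run from the CLI): issue, validate, guess, revoke.
$token = issue_remember_token($rememberStore, 42);
// In a web request the token would be sent with:
// setcookie('remember_me', $token, ['expires' => time() + 1209600, 'path' => '/',
//     'secure' => true, 'httponly' => true, 'samesite' => 'Lax']);
var_dump(user_from_remember_token($rememberStore, $token));               // token as issued
var_dump(user_from_remember_token($rememberStore, str_repeat('0', 64)));  // value made up by the client
revoke_remember_token($rememberStore, $token);
var_dump(user_from_remember_token($rememberStore, $token));               // same token after logout
```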